CVE-2025-9976CRITICAL 9.0EPSS p56.2%

CVE-2025-9976CVE-2025-9976

Description

An OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x could allow an attacker to execute arbitrary code on the user's machine.

Scoring

CVSS 3.19.0 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
EPSS0.94% probability of exploitation · percentile 56.2% · 2026-06-19T12:03:05Z
Published2025-10-13
Last modified2026-04-15

Underlying weaknesses· 1

CWE-78

References

  1. https://www.3ds.com/trust-center/security/security-advisories/cve-2025-9976

1

TypeTargetConfidenceTier
WeaknessImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection')cwe-780%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-4991
CVE
CVE-2025-4986
CVE
CVE-2025-0827
CVE
CVE-2025-4992
CVE
CVE-2025-4988
CVE
CVE-2025-0595
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.