{"cve_id":"CVE-2025-55267","summary":"HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability, allows attacker to upload and execute malicious scripts, gaining full control over the server.","cvss":5.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.7,"epss":0.00034,"ranking_epss":0.09822,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129793"],"published_time":"2026-03-26T13:16:25","cpes":["cpe:2.3:a:hcltech:aftermarket_cloud:1.0.0"]}