CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-25099

Bludit’s API plugin allows an authenticated attacker with a valid API token to upload files of any type and extension without restriction, which can then be executed, leading to Remote Code Execution. This issue was fixed in 3.18.4.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.9%

CVSS Severity

CVSS v3 Score 8.8

References

Products affected by CVE-2026-25099

Bludit » Bludit » Version: 0.1

cpe:2.3:a:bludit:bludit:0.1
Bludit » Bludit » Version: 0.2

cpe:2.3:a:bludit:bludit:0.2
Bludit » Bludit » Version: 0.4

cpe:2.3:a:bludit:bludit:0.4
Bludit » Bludit » Version: 0.5

cpe:2.3:a:bludit:bludit:0.5
Bludit » Bludit » Version: 0.6

cpe:2.3:a:bludit:bludit:0.6
Bludit » Bludit » Version: 0.6.1

cpe:2.3:a:bludit:bludit:0.6.1
Bludit » Bludit » Version: 0.6.2

cpe:2.3:a:bludit:bludit:0.6.2
Bludit » Bludit » Version: 0.7

cpe:2.3:a:bludit:bludit:0.7
Bludit » Bludit » Version: 0.7.1

cpe:2.3:a:bludit:bludit:0.7.1
Bludit » Bludit » Version: 0.7.2

cpe:2.3:a:bludit:bludit:0.7.2
Bludit » Bludit » Version: 1.0

cpe:2.3:a:bludit:bludit:1.0
Bludit » Bludit » Version: 1.0.1

cpe:2.3:a:bludit:bludit:1.0.1
Bludit » Bludit » Version: 1.1.2

cpe:2.3:a:bludit:bludit:1.1.2
Bludit » Bludit » Version: 1.3

cpe:2.3:a:bludit:bludit:1.3
Bludit » Bludit » Version: 1.4

cpe:2.3:a:bludit:bludit:1.4
Bludit » Bludit » Version: 1.5

cpe:2.3:a:bludit:bludit:1.5
Bludit » Bludit » Version: 1.5.1

cpe:2.3:a:bludit:bludit:1.5.1
Bludit » Bludit » Version: 1.5.2

cpe:2.3:a:bludit:bludit:1.5.2
Bludit » Bludit » Version: 1.6

cpe:2.3:a:bludit:bludit:1.6
Bludit » Bludit » Version: 1.6.1

cpe:2.3:a:bludit:bludit:1.6.1
Bludit » Bludit » Version: 1.6.2

cpe:2.3:a:bludit:bludit:1.6.2
Bludit » Bludit » Version: 2.0

cpe:2.3:a:bludit:bludit:2.0
Bludit » Bludit » Version: 2.0.1

cpe:2.3:a:bludit:bludit:2.0.1
Bludit » Bludit » Version: 2.0.2

cpe:2.3:a:bludit:bludit:2.0.2
Bludit » Bludit » Version: 2.1

cpe:2.3:a:bludit:bludit:2.1
Bludit » Bludit » Version: 2.1.1

cpe:2.3:a:bludit:bludit:2.1.1
Bludit » Bludit » Version: 2.2

cpe:2.3:a:bludit:bludit:2.2
Bludit » Bludit » Version: 2.2.1

cpe:2.3:a:bludit:bludit:2.2.1
Bludit » Bludit » Version: 2.3

cpe:2.3:a:bludit:bludit:2.3
Bludit » Bludit » Version: 2.3.1

cpe:2.3:a:bludit:bludit:2.3.1
Bludit » Bludit » Version: 2.3.2

cpe:2.3:a:bludit:bludit:2.3.2
Bludit » Bludit » Version: 2.3.3

cpe:2.3:a:bludit:bludit:2.3.3
Bludit » Bludit » Version: 2.3.4

cpe:2.3:a:bludit:bludit:2.3.4
Bludit » Bludit » Version: 3.0.0

cpe:2.3:a:bludit:bludit:3.0.0
Bludit » Bludit » Version: 3.1.0

cpe:2.3:a:bludit:bludit:3.1.0
Bludit » Bludit » Version: 3.10.0

cpe:2.3:a:bludit:bludit:3.10.0
Bludit » Bludit » Version: 3.11.0

cpe:2.3:a:bludit:bludit:3.11.0
Bludit » Bludit » Version: 3.12.0

cpe:2.3:a:bludit:bludit:3.12.0
Bludit » Bludit » Version: 3.13.0

cpe:2.3:a:bludit:bludit:3.13.0
Bludit » Bludit » Version: 3.13.1

cpe:2.3:a:bludit:bludit:3.13.1
Bludit » Bludit » Version: 3.14.0

cpe:2.3:a:bludit:bludit:3.14.0
Bludit » Bludit » Version: 3.14.1

cpe:2.3:a:bludit:bludit:3.14.1
Bludit » Bludit » Version: 3.15.0

cpe:2.3:a:bludit:bludit:3.15.0
Bludit » Bludit » Version: 3.16.0

cpe:2.3:a:bludit:bludit:3.16.0
Bludit » Bludit » Version: 3.16.1

cpe:2.3:a:bludit:bludit:3.16.1
Bludit » Bludit » Version: 3.16.2

cpe:2.3:a:bludit:bludit:3.16.2
Bludit » Bludit » Version: 3.2.0

cpe:2.3:a:bludit:bludit:3.2.0
Bludit » Bludit » Version: 3.3.0

cpe:2.3:a:bludit:bludit:3.3.0
Bludit » Bludit » Version: 3.4.0

cpe:2.3:a:bludit:bludit:3.4.0
Bludit » Bludit » Version: 3.5.0

cpe:2.3:a:bludit:bludit:3.5.0
Bludit » Bludit » Version: 3.8.1

cpe:2.3:a:bludit:bludit:3.8.1
Bludit » Bludit » Version: 3.9.0

cpe:2.3:a:bludit:bludit:3.9.0
Bludit » Bludit » Version: 3.9.1

cpe:2.3:a:bludit:bludit:3.9.1
Bludit » Bludit » Version: 3.9.2

cpe:2.3:a:bludit:bludit:3.9.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-25099

Products

Pricing

Contact Us