CVE Catalog

CVE-2025-56218

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.60%

44th percentile - higher than 44% of all known CVEs

Summary

An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file.

Risk Assessment

The risk for the organization includes potential system compromise, data theft, or service disruption.

Recommendation

It is recommended to immediately update SigningHub to the latest version and implement file upload validation mechanisms.

Original NVD description (English source)

An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS