CVE Catalog

CVE-2025-60236

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Summary

Deserialization of Untrusted Data vulnerability in EMV Creatify allows Object Injection. This issue affects Creatify: from n/a through 1.5.

Risk Assessment

Exploitation of this vulnerability may lead to unauthorized access to the system and potential takeover of the application. Organizations should be aware of the risks associated with unauthorized data injection.

Recommendation

It is recommended to update to the latest version of Creatify to mitigate the risks associated with this vulnerability. Additionally, implementing safeguards against deserialization of untrusted data is advisable.

Original NVD description (English source)

Deserialization of Untrusted Data vulnerability in EMV Creatify allows Object Injection. This issue affects Creatify: from n/a through 1.5.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS