{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25925", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-09T16:22:17.785Z", "datePublished": "2026-02-09T21:59:08.335Z", "dateUpdated": "2026-02-11T21:22:45.286Z"}, "containers": {"cna": {"title": "PowerDocu Affected by Remote Code Execution via Insecure Deserialization", "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "lang": "en", "description": "CWE-502: Deserialization of Untrusted Data", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/modery/PowerDocu/security/advisories/GHSA-m8j2-5jr7-2jpw", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/modery/PowerDocu/security/advisories/GHSA-m8j2-5jr7-2jpw"}, {"name": "https://github.com/modery/PowerDocu/releases/tag/v-2.4.0", "tags": ["x_refsource_MISC"], "url": "https://github.com/modery/PowerDocu/releases/tag/v-2.4.0"}], "affected": [{"vendor": "modery", "product": "PowerDocu", "versions": [{"version": "< 2.4.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-09T21:59:08.335Z"}, "descriptions": [{"lang": "en", "value": "PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to instantiate arbitrary .NET objects and execute code. This vulnerability is fixed in 2.4.0."}], "source": {"advisory": "GHSA-m8j2-5jr7-2jpw", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-11T21:22:37.654118Z", "id": "CVE-2026-25925", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-11T21:22:45.286Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25925", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-11T21:22:37.654118Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-11T21:22:42.755Z"}}], "cna": {"title": "PowerDocu Affected by Remote Code Execution via Insecure Deserialization", "source": {"advisory": "GHSA-m8j2-5jr7-2jpw", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "modery", "product": "PowerDocu", "versions": [{"status": "affected", "version": "< 2.4.0"}]}], "references": [{"url": "https://github.com/modery/PowerDocu/security/advisories/GHSA-m8j2-5jr7-2jpw", "name": "https://github.com/modery/PowerDocu/security/advisories/GHSA-m8j2-5jr7-2jpw", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/modery/PowerDocu/releases/tag/v-2.4.0", "name": "https://github.com/modery/PowerDocu/releases/tag/v-2.4.0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to instantiate arbitrary .NET objects and execute code. This vulnerability is fixed in 2.4.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-502", "description": "CWE-502: Deserialization of Untrusted Data"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-09T21:59:08.335Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25925", "state": "PUBLISHED", "dateUpdated": "2026-02-11T21:22:45.286Z", "dateReserved": "2026-02-09T16:22:17.785Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-02-09T21:59:08.335Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:modery:powerdocu:*:*:*:*:*:*:*:*", "matchCriteriaId": "72BD01ED-2860-4AA0-B857-EFD869020F19", "versionEndExcluding": "2.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "PowerDocu contains a Windows GUI executable to perform technical documentations. Prior to 2.4.0, PowerDocu contains a critical security vulnerability in how it parses JSON files within Flow or App packages. The application blindly trusts the $type property in JSON files, allowing an attacker to instantiate arbitrary .NET objects and execute code. This vulnerability is fixed in 2.4.0."}, {"lang": "es", "value": "PowerDocu contiene un ejecutable GUI de Windows para realizar documentaciones t\u00e9cnicas. Antes de la versi\u00f3n 2.4.0, PowerDocu conten\u00eda una vulnerabilidad de seguridad cr\u00edtica en la forma en que analiza los archivos JSON dentro de paquetes de Flow o de aplicaciones. La aplicaci\u00f3n conf\u00eda ciegamente en la propiedad $type en los archivos JSON, permitiendo a un atacante instanciar objetos .NET arbitrarios y ejecutar c\u00f3digo. Esta vulnerabilidad est\u00e1 corregida en la versi\u00f3n 2.4.0."}], "id": "CVE-2026-25925", "lastModified": "2026-02-28T00:13:57.360", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-09T22:16:04.607", "references": [{"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/modery/PowerDocu/releases/tag/v-2.4.0"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "url": "https://github.com/modery/PowerDocu/security/advisories/GHSA-m8j2-5jr7-2jpw"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.4.0)"}}], "product": "powerdocu", "vendor": "modery"}], "analysis": {"en": {"generated_at": "2026-04-17T21:05:41.383651+00:00", "value": {"mitigation_remediation": ["Upgrade to PowerDocu version\u202f2.4.0 or later, which removes the insecure deserialization path.", "If upgrading is impossible, deny or restrict access to Flow and App packages so that untrusted JSON files are not processed.", "Implement custom validation or a whitelist for the $type property during JSON deserialization to prevent instantiation of arbitrary .NET objects."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability affects all installations of PowerDocu prior to version\u202f2.4.0. No specific sub\u2011versions are listed, so any release earlier than 2.4.0 is considered vulnerable.", "description_and_impact": "PowerDocu, a Windows GUI application for technical documentation, parses JSON files contained in Flow or App packages. The application blindly trusts the $type property in these JSON files, enabling an attacker to instantiate arbitrary .NET objects and execute code. This flaw is a classic example of insecure deserialization (CWE\u2011502) and can lead to arbitrary code execution on the host system.", "risk_and_exploitability": "The CVSS score of 7.8 indicates high impact, while the EPSS score of less than 1\u202f% suggests exploitation is currently unlikely. Because the flaw is triggered when the application processes a malicious Flow or App package, the attack vector is likely local or remote depending on how the file is introduced. No report of active exploitation is in KEV catalog, but the high severity warrants prompt attention. The main prerequisite for exploitation is the ability to supply a crafted JSON file that the application will parse."}}}}, "created": "2026-02-10T11:34:55.970809+00:00", "updated": "2026-04-17T21:15:27.378698+00:00", "vendors": ["modery", "modery$PRODUCT$powerdocu"]}