PT-2026-20459 · Mayswind · Ezbookkeeping

Published 2026-02-18 · Updated 2026-02-18 · CVE-2025-65519

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: mayswind ezbookkeeping versions prior to 1.3.0

Description: The application does not properly validate nesting depth when processing JSON and XML files during import. This allows attackers with valid credentials to cause a denial of service by uploading specially crafted, deeply nested files. This can lead to CPU exhaustion, service degradation, or complete service unavailability.

Recommendations: Update mayswind ezbookkeeping to version 1.3.0 or later.
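
The missing check the description refers to can be shown as a pre-parse depth guard. This is an added example, not ezbookkeeping's code or its 1.3.0 fix; the names CheckDepth, JSONTokens and XMLTokens, the limit of 32 and the sample input are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"encoding/xml"
	"errors"
	"fmt"
	"io"
	"strings"
)

var ErrTooDeep = errors.New("import rejected: nesting depth limit exceeded")
var jsonStep = map[json.Delim]int{'{': 1, '[': 1, '}': -1, ']': -1}

// CheckDepth pulls tokens in a loop (no recursion per level) and stops at the limit.
func CheckDepth(next func() (any, error), limit int) error {
	for depth := 0; ; {
		tok, err := next()
		if err == io.EOF {
			return nil // depth stayed in bounds; well-formedness is left to the real parser
		} else if err != nil {
			return err
		}
		switch t := tok.(type) {
		case json.Delim:
			depth += jsonStep[t]
		case xml.StartElement:
			depth++
		case xml.EndElement:
			depth--
		}
		if depth > limit {
			return ErrTooDeep
		}
	}
}

func JSONTokens(r io.Reader) func() (any, error) { // adapts encoding/json to CheckDepth
	d := json.NewDecoder(r)
	return func() (any, error) { return d.Token() }
}
func XMLTokens(r io.Reader) func() (any, error) { // adapts encoding/xml to CheckDepth
	d := xml.NewDecoder(r)
	return func() (any, error) { return d.Token() }
}

func main() { // constructed sample input, not taken from the advisory
	fmt.Println(CheckDepth(JSONTokens(strings.NewReader(strings.Repeat("[", 100000))), 32))
}
```

Run the guard on the uploaded bytes before handing them to the import parser, and pair it with a request size limit so the token walk itself stays cheap.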

Exploit · Fix · DoS · Uncontrolled Recursion

Weakness Enumeration

Related Identifiers: CVE-2025-65519

Affected Products: Ezbookkeeping