CVE-2025-67995

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions LoftOcean PatioTime versions prior to 2.1

Description A flaw exists in LoftOcean PatioTime that allows for object injection due to deserialization of untrusted data. This issue impacts the application's handling of data, potentially allowing an attacker to manipulate objects within the system.

Recommendations Update LoftOcean PatioTime to version 2.1 or later.

Fix

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-502

Related Identifiers

CVE-2025-67995

Affected Products

Patiotime

CVE-2025-67995

Weakness Enumeration

Related Identifiers

Affected Products

References · 3