← back
CVE-2025-63917

CVE-2025-63917

CVSS 7.1 HIGHEPSS 0.3%CWE-611
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.1EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
17 Nov 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
PDFPatcher thru 1.1.3.4663 executable's XML bookmark import functionality does not restrict XML external entity (XXE) references. The application uses .NET's XmlDocument class without disabling external entity resolution, enabling attackers to: Read arbitrary files from the victim's filesystem, exfiltrate sensitive data via out-of-band (OOB) HTTP requests, perform SSRF attacks against internal network resources, or cause a denial of service via entity expansion attacks.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/cydtseng/Vulnerability-Research/blob/main/pdfpatcher/XXE-Importers.mdhttps://github.com/wmjordan/PDFPatcherhttps://www.cnblogs.com/pdfpatcher