CVE-2025-12509
HIGHDescription
On a client with an admin user, a Global_Shipping script can be implemented. The script could later be executed on the BRAIN2 server with administrator rights.
Is your site exposed to CVE-2025-12509?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2025-12509? +
How severe is CVE-2025-12509? +
How do I check if I'm vulnerable to CVE-2025-12509? +
Related Vulnerabilities
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, the repository …
In Duck Site before version 1.0.1, the repository has a deploy workflow that runs after the build workflow completes. The …
pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules …
Rapid7 Metasploit Pro is vulnerable to a local privilege escalation attack that allows a user to gain SYSTEM level control …
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution …
Cursor is a code editor built for programming with AI. In versions prior to 3.0.0, the Cursor Desktop could execute …