COOEY // HUBcompliance · community · intelligence

FAIL › dossier

umbraco cms product

1
failure events
0
zero-days
1
RCEs
0
on KEV
1
critical
50
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 1 events

DateEventSevFlagsShameSummary
2025-12-22 CVE-2025-67288 critical ⚡RCE 50 An arbitrary file upload vulnerability in Umbraco CMS v16.3.3 allows attackers to execute arbitrary code by uploading a crafted PDF file. NOTE: this is disputed by the Supplier because the responsibility for file validation (as shown in the documentation) belongs to the system ad