High severityOSV Advisory· Published Oct 23, 2025· Updated Apr 15, 2026
CVE-2025-62713
CVE-2025-62713
Description
Kottster is a self hosted Node.js admin panel. From versions 3.2.0 to before 3.3.2, Kottster contains a pre-authentication remote code execution (RCE) vulnerability when running in development mode. This affects development mode only, production deployments were never affected. This issue has been fixed in version 3.3.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
@kottster/servernpm | >= 3.2.0, < 3.3.2 | 3.3.2 |
Affected products
2Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.