VYPR
Critical severityNVD Advisory· Published Jan 16, 2026· Updated Jan 16, 2026

CVE-2025-68924

CVE-2025-68924

Description

In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL (aka Webservice) URL as a data source for remote code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
UmbracoFormsNuGet
<= 8.13.16

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.