Live 2.0

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2025-66956	Asseco SEE Live 2.0	Cri	0.64	9.9	0.00		Mar 11, 2026	Insecure Access Control in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote attackers to access and execute attachments via a computable URL.
CVE-2025-66955	Asseco SEE Live 2.0	Med	0.42	6.5	0.00		Mar 12, 2026	Local File Inclusion in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote authenticated users to access files on the host via "path" parameter in the downloadAttachment and downloadAttachmentFromPath API calls.

CVE-2025-66956CriMar 11, 2026
Asseco SEE
Live 2.0
risk 0.64cvss 9.9epss 0.00
Insecure Access Control in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote attackers to access and execute attachments via a computable URL.
CVE-2025-66955MedMar 12, 2026
Asseco SEE
Live 2.0
risk 0.42cvss 6.5epss 0.00
Local File Inclusion in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote authenticated users to access files on the host via "path" parameter in the downloadAttachment and downloadAttachmentFromPath API calls.