VYPR

VisiCut

by VisiCut

CVEs (2)

  • CVE-2025-25940CriMar 10, 2025
    risk 0.64cvss 9.8epss 0.01

    VisiCut 2.1 allows code execution via Insecure XML Deserialization in the loadPlfFile method of VisicutModel.java.

  • CVE-2025-43708LowApr 17, 2025
    risk 0.21cvss 3.3epss 0.00

    VisiCut 2.1 allows stack consumption via an XML document with nested set elements, as demonstrated by a java.util.HashMap StackOverflowError when reference='../../../set/set[2]' is used, aka an "insecure deserialization" issue.