CVE-2025-53939

Published November 29th, 2025

View on NVD ↗

CVSS v3

6.3

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Kiteworks is a private data network (PDN). Prior to version 9.1.0, improper input validation when managing roles of a shared folder could lead to unexpectedly elevate another user's permissions on the share. This issue has been patched in version 9.1.0.

kiteworks/security-advisories

Security advisories for all published CVEs of Kiteworks

GitHub