CVE-2025-63601

Published November 5th, 2025

View on NVD ↗

CVSS v3

9.9

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

Snipe-IT before version 8.3.3 contains a remote code execution vulnerability that allows an authenticated attacker to upload a malicious backup file containing arbitrary files and execute system commands.

grokability/snipe-it

A free open source IT asset/license management system

GitHub

13.9K