All 6 CVE vulnerabilities found in ChestnutCMS, with AI-generated Chinese analysis, references, and POCs.
Vendor: n/a
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-15009 | liweiyi ChestnutCMS Filename upload FilenameUtils.getExtension unrestricted upload CWE-434 | 6.3 | Medium | 2025-12-22 |
| CVE-2025-12923 | liweiyi ChestnutCMS download resourceDownload path traversal CWE-22 | 2.7 | Low | 2025-11-10 |
| CVE-2025-5552 | ChestnutCMS API Endpoint exec deserialization CWE-502 | 6.3 | Medium | 2025-06-04 |
| CVE-2025-2917 | ChestnutCMS read readFile path traversal CWE-22 | 4.3 | Medium | 2025-03-28 |
| CVE-2025-2032 | ChestnutCMS rename renameFile path traversal CWE-22 | 3.5 | Low | 2025-03-06 |
| CVE-2025-2031 | ChestnutCMS upload uploadFile unrestricted upload CWE-434 | 6.3 | Medium | 2025-03-06 |
All 6 known CVE vulnerabilities affecting ChestnutCMS with full Chinese analysis, references, and POCs where available.