DumbDrop — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in DumbDrop, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-47929	DumbDrop vulnerable to DOM XSS via file upload CWE-79	6.1^AI	Medium^AI	2025-05-15
CVE-2025-24971	OS Command Injection endpoint '/upload/init' parameter 'filename' (RCE) in DumpDrop CWE-78	9.8	-	2025-02-04
CVE-2025-24891	Dumb Drop has an arbitrary file overwrite and path traversal for root shell CWE-22	9.7	Critical	2025-01-31

All 3 known CVE vulnerabilities affecting DumbDrop with full Chinese analysis, references, and POCs where available.