CVE-2025-62356
π΄ HIGHA path traversal vulnerability in all versions of the Qodo Qodo Gen IDE enables a threat actor to read arbitrary local files in and outside of current projects on an end userβs system. The vulnerabili...
Description
Request Expert ReviewA path traversal vulnerability in all versions of the Qodo Qodo Gen IDE enables a threat actor to read arbitrary local files in and outside of current projects on an end userβs system. The vulnerability can be reached directly and through indirect prompt injection.
CVSS Scores
References
Additional Information
- Source
- 6f8de1f0-f67e-45a6-b68f-98777fdb759c
- State
- Awaiting analysis
Related CVEs
CVE-2025-14029
MEDIUMThe Community Events plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_admin_event...
CVE-2025-12825
MEDIUMThe User Registration Using Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the...
CVE-2025-12168
MEDIUMThe Phrase TMS Integration for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on...
CVE-2026-0820
MEDIUMThe RepairBuddy β Repair Shop CRM & Booking Plugin for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference due to missing...
CVE-2026-0682
LOWThe Church Admin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.28 due to insufficient va...
CVE-2025-14463
MEDIUMThe Payment Button for PayPal plugin for WordPress is vulnerable to unauthorized order creation in all versions up to, and including, 1.2.3.41. This i...
Share CVE-2025-62356
Share on Social Media
Copy Link
Embed Code
Request Expert Analysis
Request a professional security analysis for CVE-2025-62356 from our verified experts.
Credits System
Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!