CVE-2025-66208

🚨 CRITICAL

Published

Dec 03, 2025

Last Modified

Dec 08, 2025

Views

Bookmarks

Description

Request Expert Review

Collabora Online - Built-in CODE Server (richdocumentscode) provides a built-in server with all of the document editing features of Collabora Online. In versions prior to 25.04.702, Collabora Online has a Configuration-Dependent RCE (OS Command Injection) in richdocumentscode proxy. Users of Nextcloud with Collabora Online - Built-in CODE Server app can be vulnerable to attack via proxy.php and an intermediate reverse proxy. This vulnerability is fixed in 25.04.702.

Affected Products (1)

collabora - online

Version: *

CVSS Scores

CVSS 3.1 9.8

9.8

CRITICAL

CVSS 2.0 9.8

References

github.com

Additional Information

Source: security-advisories@github.com
State: Analyzed

Related CVEs

CVE-2026-1139

HIGH

A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/ConfigExceptMSN. The...

Score: 8.8

CVE-2026-1138

HIGH

A flaw has been found in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/ConfigExceptQQ. Executing a manipulation can...

Score: 8.8

CVE-2026-1137

HIGH

A vulnerability was detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formWebAuthGlobalConfig....

Score: 8.8

CVE-2026-1136

LOW

A weakness has been identified in lcg0124 BootDo up to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb. Affected is the function Save of the file /blog/bCont...

Score: 3.5

CVE-2026-1135

MEDIUM

A security flaw has been discovered in itsourcecode Society Management System 1.0. This impacts an unknown function of the file /admin/activity.php. T...

Score: 4.3

CVE-2026-1134

MEDIUM

A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unknown function of the file /admin/expenses.php. The ma...

Score: 4.3

Share CVE-2025-66208

Share on Social Media

Copy Link

Embed Code

HTML Embed (for websites/blogs)

Markdown (for GitHub/Discord)

Request Expert Analysis

Request a professional security analysis for CVE-2025-66208 from our verified experts.

Credits System

Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!

Priority Level

SLA Acceleration (50% faster delivery)

Add 3 credits for accelerated delivery

Additional Context (Optional)

Base Cost: 8 credits

Priority Upgrade: + credits

SLA Acceleration: +3 credits

Total Cost:

Your Balance:

Insufficient Credits

You need more credits to submit this request.

Buy Credits

CVE-2025-66208

Description

Affected Products (1)

collabora - online

CVSS Scores

References

Additional Information

Related CVEs

CVE-2026-1139

CVE-2026-1138

CVE-2026-1137

CVE-2026-1136

CVE-2026-1135

CVE-2026-1134

Share CVE-2025-66208

Share on Social Media

Copy Link

Embed Code

Request Expert Analysis

Credits System

Insufficient Credits

Report Analysis