CVE-2025-51489 Information

Description

An arbitrary file upload vulnerability in MoonShine v3.12.4 allows attackers to execute arbitrary code via uploading a crafted SVG file.

Reference

https://github.com/GiacoLenzo2109/MoonShine_Software_PoCs https://github.com/moonshine-software/moonshine

Related CNNVD

CNNVD-202508-2102 (Published: 2025-08-19)