{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T03:01:45.572","vulnerabilities":[{"cve":{"id":"CVE-2025-67079","sourceIdentifier":"cve@mitre.org","published":"2026-01-15T16:16:11.977","lastModified":"2026-01-21T14:42:07.337","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail functions."},{"lang":"es","value":"Vulnerabilidad de carga de archivos en Omnispace Agora Project anterior a 25.10 permitiendo a los atacantes ejecutar código a través del motor MSL de la biblioteca Imagick mediante un archivo PDF manipulado a las funciones de carga de archivos y miniaturas."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:agora-project:agora-project:*:*:*:*:*:*:*:*","versionEndExcluding":"25.10","matchCriteriaId":"03FDD8D6-01A9-4C64-9893-65C744702416"}]}]}],"references":[{"url":"https://www.agora-project.net","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.helx.io/blog/advisory-agora-project/","source":"cve@mitre.org","tags":["Third Party Advisory"]}]}}]}