Skip to content
The Nexus
SECURITYApr 14 · 05:50 UTCTHE HACKER NEWS[email protected] (The Hacker News)

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers

A critical unrestricted file upload vulnerability (CVE-2025-0520/CNVD-2020-26585) in ShowDoc, a Chinese document management service, is being actively exploited. The flaw has a CVSS score of 9.4 and stems from improper validation of file uploads.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this