CVE 8.8 HIGH

CVE-2025-65480_CVE-2025-65480

February 12, 2026 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

An issue was discovered in Pacom Unison Client 5.13.1. Authenticated users can inject malicious scripts in the Report Templates which are executed when certain script conditions are fulfilled, leading to Remote Code Execution.

AI Analysis

Remote Code Execution via malicious script injection in Report Templates

Basic Information

ID CVE-2025-65480

Source mitre

Published Feb 11, 2026 at 00:00

Modified Feb 12, 2026 at 14:47

Affected Product

Vendor Pacom

Product Pacom Unison Client

Version 5.13.1

Affected Versions n/a n/a n/a

CWE Classification

CWE-78

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Pacom

Product Unison Client

Version 5.13.1

References

{
    "lastseen": "",
    "description": "An issue was discovered in Pacom Unison Client 5.13.1. Authenticated users can inject malicious scripts in the Report Templates which are executed when certain script conditions are fulfilled, leading to Remote Code Execution.",
    "published": "2026-02-11T00:00:00.000Z",
    "modified": "2026-02-12T14:47:05.051Z",
    "type": "cve",
    "title": "CVE-2025-65480",
    "source": "mitre",
    "references": "http://pacom.com\nhttps://github.com/derekyjj/vulnerability-research/tree/main/CVE-2025-65480",
    "id": "CVE-2025-65480",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Pacom Unison Client",
    "version": "5.13.1",
    "vendor": "Pacom",
    "ai_description": "Remote Code Execution via malicious script injection in Report Templates",
    "ai_severity": "High",
    "ai_vendor": "Pacom",
    "ai_product": "Unison Client",
    "ai_version": "5.13.1",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply