Kaio Mendonca Pereira

4 exploits Active since Aug 2025
CVE-2025-52385 NOMISEC CRITICAL WRITEUP
Studio 3T < 2025.1.0 - Remote Code Execution via Child Process Payload
An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the child_process module
CVSS 9.8
CVE-2025-56514 NOMISEC MEDIUM WRITEUP
Fiora 1.0.0 - Stored Cross-Site Scripting via Malicious SVG File Rendering
Cross Site Scripting (XSS) vulnerability in Fiora chat application 1.0.0 allows executes arbitrary JavaScript when malicious SVG files are rendered by other users.
CVSS 5.4
CVE-2025-52385 WRITEUP CRITICAL WRITEUP
Studio 3T < 2025.1.0 - Remote Code Execution via Child Process Payload
An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the child_process module
CVSS 9.8
CVE-2025-56514 WRITEUP MEDIUM WRITEUP
Fiora 1.0.0 - Stored Cross-Site Scripting via Malicious SVG File Rendering
Cross Site Scripting (XSS) vulnerability in Fiora chat application 1.0.0 allows executes arbitrary JavaScript when malicious SVG files are rendered by other users.
CVSS 5.4