bee-interactive

1 exploit Active since Jan 2026
CVE-2025-14894 WRITEUP CRITICAL STUB
livewire-filemanager/filemanager < 1.0.0 - Unauthenticated Remote Code Execution via Unrestricted File Upload
Livewire Filemanager, commonly used in Laravel applications, contains LivewireFilemanagerComponent.php, which does not perform file type and MIME validation, allowing for RCE through upload of a malicious php file that can then be executed via the /storage/ URL if a commonly performed setup process within Laravel applications has been completed.
CVSS 9.8