CVE-2025-3322
Product - Code Injection
Title source: llmDescription
An improper neutralization of inputs used in expression language allows remote code execution with the highest privileges on the server.
References (1)
Scores
EPSS
0.0083
EPSS Percentile
74.3%
Classification
CWE
CWE-917
Status
draft
Timeline
Published
Jun 06, 2025
Tracked Since
Feb 18, 2026