CVE-2025-70023

CRITICAL

uppy 0.25.6 - Type Confusion

Title source: llm

Description

An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6.

References (3)

Scores

CVSS v3 9.8
EPSS 0.0005
EPSS Percentile 16.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-843
Status published
Published Apr 14, 2026
Tracked Since Apr 14, 2026