CVE-2025-65875 HIGH

CVE-2025-65875

Vendor N/A
Product n/a
Published February 3, 2026
Last update February 4, 2026

CVSS base score

8.8/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N

What the vulnerability does

01Description

An arbitrary file upload vulnerability in the AddFont() function of FPDF v1.86 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file.

Key dates

02Disclosure timeline

February 3, 2026 CVE published
February 4, 2026 Record updated