CVE-2025-57795

Published: Jan 28, 2026Modified: Feb 5, 2026

9.9

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Exploitability: 3.1 / Impact: 6.0

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Explorance Blue versions prior to 8.14.13 contain an authenticated remote file download vulnerability in a web service component. In default configurations, this flaw can be leveraged to achieve remote code execution.

Affected (1)

Products: Explorance: Blue

Explorance

1 product

Blue

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Explorance Blue	Before 8.14.13

Related CWEs

CWE-434

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (4)

https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2026/MNDT-2026-0004.md

Source: mandiant-cve@google.com

Third Party Advisory

https://online-help.explorance.com/blue/articles/security-advisories-(january-2026)

Source: mandiant-cve@google.com

Vendor Advisory

https://online-help.explorance.com/blue/articles/security-advisory:-cve-2025-57795

Source: mandiant-cve@google.com

Vendor Advisory

https://www.explorance.com/products/blue

Source: mandiant-cve@google.com

Product

Timeline

No history available yet.