CVE-2025-5680 – Shenzhen Dashi Tongzhou Information Technology AgileBPM Groovy Script Handler Remote Deserialization Vulnerability

June 5, 2025

CVE ID : CVE-2025-5680

Published : June 5, 2025, 8:15 p.m. | 1 hour, 52 minutes ago

Description : A vulnerability classified as critical was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected by this vulnerability is the function executeScript of the file /src/main/java/com/dstz/sys/rest/controller/SysScriptController.java of the component Groovy Script Handler. The manipulation of the argument script leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5685 – Tenda CH22 Stack-Based Buffer Overflow Vulnerability

Next Article CVE-2025-43026 – HP Support Assistant Privilege Escalation Vulnerability

Tenable updates Vulnerability Priority Rating scoring method to flag fewer vulnerabilities as critical

Google adds updated workspace templates in Firebase Studio that leverage new Agent mode

AI and its impact on the developer experience, or ‘where is the joy?’

Google launches OSS Rebuild tool to improve trust in open source packages

EcoFlow’s new portable battery stations are lighter and more powerful (DC plug included)

7 ways Linux can save you money

My favorite Kindle tablet just got a kids model, and it makes so much sense

You can turn your Google Photos into video clips now – here’s how

Blade Service Injection: Direct Service Access in Laravel Templates

Blade Service Injection: Direct Service Access in Laravel Templates

This Week in Laravel: NativePHP Mobile and AI Guidelines from Spatie

Retrieve the Currently Executing Closure in PHP 8.5

FOSS Weekly #25.30: AUR Poisoned, Linux Rising, PPA Explained, New Open Source Grammar Checker and More

FOSS Weekly #25.30: AUR Poisoned, Linux Rising, PPA Explained, New Open Source Grammar Checker and More

How to Open Control Panel in Windows 11

How to Shut Down Windows 11

CVE-2025-5680 – Shenzhen Dashi Tongzhou Information Technology AgileBPM Groovy Script Handler Remote Deserialization Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access

CVE-2025-5476 – Sony XAV-AX8500 Bluetooth L2CAP Channel Isolation Authentication Bypass

From Flow to Fabric: Connecting Power Automate to Microsoft Fabric

CVE-2025-4375 – Sparx Systems Pro Cloud Server CSRF Session Hijacking

CVE-2025-7816 – PHPGurukul Apartment Visitors Management System Cross-Site Scripting Vulnerability

Double Fine announced its new game, and I’m so ready to play as a sentient lighthouse

The 4 VPNs I swear by for Linux – and why I trust them

CVE-2025-30386 – Microsoft Office Use After Free Code Execution Vulnerability

CVE-2025-4207 – PostgreSQL Buffer Over-Read Denial of Service

CVE-2025-5680 – Shenzhen Dashi Tongzhou Information Technology AgileBPM Groovy Script Handler Remote Deserialization Vulnerability

Related Posts