CVE-2025-27218 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-27218 PUBLISHED

Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 before KB1002844 allow remote code execution through insecure deserialization.

EPSS 57.65% · 98.1th percentile

Risk Scores

EPSS Score

57.65%

98.1th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	*

Timeline

CVE Published
Feb 20, 2025 EPSS Score
Feb 20, 2025 PoC Published
Mar 5, 2025 PoC Published
Mar 6, 2025 PoC Published
Mar 6, 2025 PoC Published
Mar 6, 2025 PoC Published
Mar 6, 2025 PoC Published
Mar 7, 2025 PoC Published
Mar 10, 2025 PoC Published
Mar 10, 2025 PoC Published
Mar 10, 2025 PoC Published

References

Open in Interactive Console →