VDB
CVE-2025-66034
CVE-2025-66034
PUBLISHED
EPSS 0.09% · 24.7th percentile
Risk Scores
EPSS Score
0.09%
24.7th percentile
Exploit Intelligence
- Liquid1998/Variatype.htb-CVE-2025-66034 (github-poc-repo)
- Liquid1998/Variatype.htb-CVE-2025-66034 (github-poc-repo)
- Liquid1998/Variatype.htb-CVE-2025-66034 (github-poc-repo)
- Liquid1998/Variatype.htb-CVE-2025-66034 (github-poc-repo)
- Liquid1998/Variatype.htb-CVE-2025-66034 (github-poc-repo)
- Liquid1998/Variatype.htb-CVE-2025-66034 (github-poc-repo)
- Liquid1998/Variatype.htb-CVE-2025-66034 (github-poc-repo)
- Liquid1998/Variatype.htb-CVE-2025-66034 (github-poc-repo)
- Liquid1998/Variatype.htb-CVE-2025-66034 (github-poc-repo)
- Proof-of-concept exploit for CVE-2025-66034 in the fontTools variable font generation pipeline. A crafted .designspace file allows control of the output path, enabling arbitrary file writes. The script automates payload creation, font generation, and upload to demonstrate the issue. (github-poc-repo)
…and 108 more exploits
Timeline
- Jan 21, 1970 Security Advisory
- Nov 29, 2025 EPSS Score
- Nov 29, 2025 Coalition ESS Score
- Nov 29, 2025 CVE Published
- Dec 1, 2025 Coalition ESS Score
- Dec 1, 2025 Coalition ESS Score
- Dec 1, 2025 CVE Updated
- Dec 4, 2025 EPSS Score
- Dec 4, 2025 Coalition ESS Score
- Dec 5, 2025 Coalition ESS Score
- Dec 6, 2025 Coalition ESS Score
- Dec 8, 2025 EPSS Score
References
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37451 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37445 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37460 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37449 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37450 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37466 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37468 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37444 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37461 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37459 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37446 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37465 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37448 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37447 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37463 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37452 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37462 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37464 advisory