VDB
GHSA-768j-98cg-p3fv
GHSA-768j-98cg-p3fv
PUBLISHED
Exploit Intelligence
- Liquid1998/Variatype.htb-CVE-2025-66034 (github-poc-repo)
- Liquid1998/Variatype.htb-CVE-2025-66034 (github-poc-repo)
- Liquid1998/Variatype.htb-CVE-2025-66034 (github-poc-repo)
- Proof-of-concept exploit for CVE-2025-66034 in the fontTools variable font generation pipeline. A crafted .designspace file allows control of the output path, enabling arbitrary file writes. The script automates payload creation, font generation, and upload to demonstrate the issue. (github-poc-repo)
- Proof-of-concept exploit for CVE-2025-66034 in the fontTools variable font generation pipeline. A crafted .designspace file allows control of the output path, enabling arbitrary file writes. The script automates payload creation, font generation, and upload to demonstrate the issue. (github-poc-repo)
- Proof-of-concept exploit for CVE-2025-66034 in the fontTools variable font generation pipeline. A crafted .designspace file allows control of the output path, enabling arbitrary file writes. The script automates payload creation, font generation, and upload to demonstrate the issue. (github-poc-repo)
- v3cn4x00/POC-CVE-2025-66034 (github-poc-repo)
- v3cn4x00/POC-CVE-2025-66034 (github-poc-repo)
- v3cn4x00/POC-CVE-2025-66034 (github-poc-repo)
- CVE-2025-66034 - fontTools varLib Arbitrary File Write → RCE PoC exploit for an Arbitrary File Write + XML Injection vulnerability in fontTools.varLib. (github-poc-repo)
…and 29 more exploits
Timeline
- CVE Published
- Mar 2, 2026 Security Advisory