CVE-2025-5306

CRITICAL

Command Injection in Netflow path

CVSS v3

9.8

CRITICAL

EPSS Score

71.3%

exploit probability

CISA KEV

No

known exploited

Exploitation

none

SSVC status

Description

Improper Neutralization of Special Elements in the Netflow directory field may allow OS command injection. This issue affects Pandora FMS 774 through 778

Technical Details

CVSS v3 Vector
3.1
Published
6/27/2025
Last Modified
6/17/2026

Frequently Asked Questions

What is CVE-2025-5306?

Improper Neutralization of Special Elements in the Netflow directory field may allow OS command injection. This issue affects Pandora FMS 774 through 778

Is CVE-2025-5306 actively exploited?

Active exploitation of CVE-2025-5306 has not been confirmed. The EPSS score is 71.3%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2025-5306?

CVE-2025-5306 has a CVSS v3 base score of 9.8 (CRITICAL severity), with vector string 3.1.

Is CVE-2025-5306 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.

Check an IPSearch CVEs
Back to CVE Database