Vulnerability Database

Published: Oct 28, 2025
Updated: Jan 9, 2026
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-60355" target="_blank" rel="noopener"> CVE-2025-60355
Severity: Critical
Exploit:

318,637

Total vulnerabilities in the database

zhangyd-c OneBlog before 2.3.9 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates.

CVSS v3:

CWEs:

Software	From	Fixed in
zhyd / oneblog	-	2.3.9

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.