Home

Description

A deserialization vulnerability in LimeSurvey before v6.15.0+250623 allows a remote attacker to execute arbitrary code on the server.

PUBLISHED Reserved 2025-08-17 | Published 2026-03-10 | Updated 2026-03-10 | Assigner mitre

References

limesurvey.com

github.com/...ecurity-advisories/blob/main/CVE-2025-56422.md

cve.org (CVE-2025-56422)

nvd.nist.gov (CVE-2025-56422)

Download JSON