CVE-2025-63617 | THREATINT

Description

ktg-mes before commit a484f96 (2025-07-03) has a fastjson deserialization vulnerability. This is because it uses a vulnerable version of fastjson and deserializes unsafe input data.

PUBLISHED Reserved 2025-10-27 | Published 2025-11-10 | Updated 2025-11-12 | Assigner mitre

References

github.com/ChangeYourWay/post/blob/main/ktg-mes.md

gist.github.com/...eYourWay/8651679a2155269bccf520fcb34fc661

cve.org (CVE-2025-63617)

nvd.nist.gov (CVE-2025-63617)

Download JSON