Home > Vulnerability Database > CVE-2025-66908

Mend.io Vulnerability Database

CVE-2025-66908

Good to know:

Date: December 19, 2025

Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an improper file type validation vulnerability in the OCR image upload functionality. The OcrController in turms-ai-serving/src/main/java/im/turms/ai/domain/ocr/controller/OcrController.java uses the @FormData(contentType = MediaTypeConst.IMAGE) annotation to restrict uploads to image files, but this constraint is not properly enforced. The system relies solely on client-provided Content-Type headers and file extensions without validating actual file content using magic bytes (file signatures). An attacker can upload arbitrary file types including executables, scripts, HTML, or web shells by setting the Content-Type header to "image/*" or using an image file extension. This bypass enables potential server-side code execution, stored XSS, or information disclosure depending on how uploaded files are processed and served.

Severity Score

5.3

Related Resources (5)

Url: https://github.com/Xzzz111/public_cve_report/blob/main/CVE-2025-66908_report.md

Url: https://github.com/turms-im/turms/blob/develop/turms-ai-serving/src/main/java/im/turms/ai/domain/ocr/controller/OcrController.java

Url: https://github.com/turms-im/turms

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-66908

Url: https://www.mend.io/vulnerability-database/CVE-2025-66908

Severity Score

5.3

Weakness Type (CWE)

Unrestricted Upload of File with Dangerous Type

CWE-434

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-66908

Good to know:

Date: December 19, 2025

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?