{"id":"CVE-2025-55454","details":"An authenticated arbitrary file upload vulnerability in the component /msg/sendfiles of DooTask v1.0.51 allows attackers to execute arbitrary code via uploading a crafted file.","modified":"2026-04-10T05:29:58.638874Z","published":"2025-08-22T19:15:40.183Z","references":[{"type":"EVIDENCE","url":"https://www.notion.so/Dootask-Arbitrary-file-upload-vulnerability-2162818a9e118053a586cf4bc05fd1fa"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kuaifan/dootask","events":[{"introduced":"0"},{"last_affected":"c28a375b5dc7d0a77600e9e4027ac10d30827e6a"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.0.51"}]}}],"versions":["0.3.29","0.3.36","0.3.47","0.3.56","0.3.89","0.32.9","v0.10.21","v0.10.30","v0.10.5","v0.11.96","v0.12.19","v0.12.23","v0.12.40","v0.12.66","v0.12.77","v0.12.8","v0.12.95","v0.13.0","v0.25.39","v0.25.42","v0.25.48","v0.25.52","v0.25.60","v0.25.68","v0.25.74","v0.25.84","v0.25.95","v0.26.6","v0.26.8","v0.26.86","v0.27.1","v0.27.26","v0.27.46","v0.31.13","v0.31.43","v0.31.54","v0.31.65","v0.31.75","v0.31.8","v0.32.9","v0.33.34","v0.33.37","v0.33.41","v0.33.54","v0.33.58","v0.33.91","v0.33.98","v0.34.28","v0.34.46","v0.34.59","v0.34.66","v0.34.95","v0.35.10","v0.35.20","v0.35.40","v0.35.48","v0.35.76","v0.35.84","v0.35.90","v0.36.15","v0.36.26","v0.36.36","v0.36.44","v0.36.49","v0.36.60","v0.36.75","v0.36.78","v0.36.84","v0.36.91","v0.36.97","v0.37.17","v0.37.32","v0.37.50","v0.37.98","v0.38.27","v0.38.70","v0.38.73","v0.38.91","v0.38.94","v0.39.21","v0.39.39","v0.39.52","v0.39.66","v0.39.73","v0.39.88","v0.39.97","v0.4.11","v0.4.28","v0.4.50","v0.4.58","v0.4.63","v0.4.78","v0.4.86","v0.4.99","v0.40.40","v0.40.78","v0.41.45","v0.41.55","v0.41.64","v0.41.84","v0.41.93","v0.42.0","v0.42.26","v0.42.3","v0.42.37","v0.42.57","v0.42.61","v0.42.74","v0.42.79","v0.42.85","v0.43.18","v0.43.49","v0.43.7","v0.43.73","v0.44.15","v0.44.19","v0.44.3","v0.44.53","v0.44.67","v0.44.74","v0.44.82","v0.44.91","v0.45.33","v0.45.64","v0.46.16","v0.46.74","v0.47.7","v0.5.0","v0.5.17","v0.5.52","v0.5.58","v0.5.59","v0.5.8","v0.5.84","v0.5.94","v0.6.13","v0.6.20","v0.6.6","v0.7.73","v0.7.94","v0.8.14","v0.8.2","v0.8.22","v0.9.68","v0.9.83","v1.0.0","v1.0.31","v1.0.37","v1.0.45","v1.0.51"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-55454.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}