CVE-2025-22978

Summary

CVE-2025-22978 is a newly identified vulnerability affecting eladmin versions prior to 2.7. This issue permits attackers to inject malicious CSV (Comma-Separated Values) data into the exception log download module. Successful exploitation can lead to arbitrary code execution or unauthorized data access, posing a serious threat to system integrity and confidentiality. Organizations using eladmin are advised to update to the latest version as soon as possible to mitigate this risk. Attackers can exploit this vulnerability by manipulating the CSV data sent to the server, potentially leading to significant security consequences.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.