CVE-2025-24815
Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation
CVSS
7.8
High
EPSS
0.1%
p5
KEV
—
Exploit Today
1
0-100
Published: Jun 30, 2026 · Last modified: Jul 10, 2026 · CWE-434
0.1%EPSS · 30 days0.2%
2026-06-302026-07-17
Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could allow an authenticated attacker to upload malicious files onto the system.
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-562909.8 CRI85.4%
KEV—76Joomlack Page Builder Improper Access Control Vulnerability9dCVE-2026-489089.8 CRI72.6%
KEV—72JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability9dCVE-2026-489399.8 CRI71.5%
KEV—71iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability7dCVE-2026-562919.8 CRI53.7%
KEV—66Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability7dCVE-2023-388368.8 HIG99.3%
——30File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks.9dCVE-2023-464747.2 HIG97.3%
——29File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the start_import.php file.9d