📦

document_server

Vendor: onlyoffice

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 8 Remote Access

Total CVEs 24 Total Indexed

Avg. EPSS 3.68% Exploit Prob.

Latest CVE CVE-2025-68936 Dec 25

Security Vulnerability Index

Page 3 / 3

9.8 CVSS

CVE-2020-11534

An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit the NSFileDownloader function to pass parameters to a binary (such as curl or wget) and remotely execute code on a victim's server.

EPSS: 0.65%

Severity: CRITICAL

Apr 15, 2020

Displaying 1 of 24 Total Entries

1 2 3

Total 3 Sections