Dotcms Vulnerabilities
Comprehensive security vulnerability database for Dotcms products
1
1
0
0
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2025-11165 | 9.4 | This vulnerability allows an attacker with scripting privileges in dotCMS to bypass security restrictions and access sensitive Java classes, enabling them to execute arbitrary system commands as the application user. The attacker must be authenticated and have the ability to run scripts to exploit this weakness. | dotcmsdotcms | Theoretical | about 1 month agoFeb 24, 2026 |
About Dotcms Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Dotcms products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.