EarlyNarratives
Pricing
Start free trialSign in
Start free trialSign in
Signal

Critical ShowDoc vulnerability CVE-2025-0520 actively exploited in the wild

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-04-14 05:50 UTCUpdated 2026-04-14 15:59 UTC
rss
cveexploitssecurity_toolingincident_response
Source links open
Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.
BackEvidence (2)Get the free brief by emailStart free trial
No card needed for the free brief.
Evidence trail (top sources)
top sources (2 domains)domains are deduped. counts indicate coverage, not truth.
2 top sources shown
ShowDoc vulnerability actively exploited
SC Media · News · scworld.com · 2026-04-14 15:59 UTC
limited source diversity in top sources
View all evidence
Overview

A severe security flaw in ShowDoc, a document management platform popular in China, is being actively exploited. The vulnerability, CVE-2025-0520, has a high CVSS score of 9.4 and allows unrestricted file uploads due to improper file extension validation, enabling remote code execution on unpatched servers.

Entities
ShowDoc
Score total
1.02
Momentum 24h
2
Posts
2
Origins
2
Source types
1
Duplicate ratio
0%
Why now
  • Exploitation is currently active on unpatched servers, increasing immediate risk.
  • The vulnerability has a high CVSS score, underscoring its severity.
  • Prompt awareness can drive faster incident response and mitigation efforts.
Why it matters
  • The vulnerability enables remote code execution, risking full system compromise.
  • Active exploitation means organizations must urgently patch to prevent breaches.
  • ShowDoc's popularity in China increases potential impact and attack surface.
LLM analysis
Topic mix: lowPromo risk: lowSource quality: medium
Recurring claims
  • CVE-2025-0520 is a critical ShowDoc vulnerability allowing unrestricted file uploads due to improper file extension validation.
  • The vulnerability CVE-2025-0520 has a CVSS score of 9.4 and is actively exploited in the wild on unpatched ShowDoc servers.
How sources frame it
  • SC Media: neutral
  • The Hacker News: neutral
This briefing highlights the urgent security risk posed by CVE-2025-0520 in ShowDoc, emphasizing active exploitation and the need for immediate patching.
All evidence
All evidence
ShowDoc vulnerability actively exploited
SC Media · scworld.com · 2026-04-14 15:59 UTC
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
The Hacker News · thehackernews.com · 2026-04-14 05:50 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 2Origin domains: 2Duplicates: -
Showing 2 / 0
Top publishers (this list)
  • SC Media (1)
  • The Hacker News (1)
Top origin domains (this list)
  • scworld.com (1)
  • thehackernews.com (1)