Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
Miazzy oa-front-service Allows Execution of Untrusted Code
CVE-2025-70046
Summary
A security issue in the Miazzy oa-front-service allows an attacker to potentially execute arbitrary code on the system. This is a serious risk because it could allow a malicious user to take control of the system. System administrators should update the oa-front-service to the latest version to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| miazzy | oa-font-service | master | – |
Original title
An issue pertaining to CWE-829: Inclusion of Functionality from Untrusted Control Sphere was discovered in Miazzy oa-front-service master.
Original description
An issue pertaining to CWE-829: Inclusion of Functionality from Untrusted Control Sphere was discovered in Miazzy oa-front-service master.
Vulnerability type
CWE-829
Published: 9 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026