cbcvebase.
CVE-2025-54370
published 2025-08-25

CVE-2025-54370: PhpOffice/PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to versions 1.30.0, 2.1.12, 2.4.0, 3.10.0, and 5.0.0, SSRF can…

PriorityP351high8.7CVSS 4.0
AVNACLATNPRNUINVCHVINVANSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
0.74%
50.0th percentile
PhpOffice/PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to versions 1.30.0, 2.1.12, 2.4.0, 3.10.0, and 5.0.0, SSRF can occur when a processed HTML document is read and displayed in the browser. The vulnerability lies in the setPath method of the PhpOffice\PhpSpreadsheet\Worksheet\Drawing class, where a crafted string from the user is passed to the HTML reader. This issue has been patched in versions 1.30.0, 2.1.12, 2.4.0, 3.10.0, and 5.0.0.

Affected

10 ranges
VendorProductVersion rangeFixed in
phpofficephpspreadsheet< 1.30.01.30.0
phpofficephpspreadsheet
phpofficephpspreadsheet
phpofficephpspreadsheet
phpofficephpspreadsheet
phpofficephpspreadsheet>= 0 < 1.30.01.30.0
phpofficephpspreadsheet>= 2.0.0 < 2.1.122.1.12
phpofficephpspreadsheet>= 2.2.0 < 2.4.02.4.0
phpofficephpspreadsheet>= 3.0.0 < 3.10.03.10.0
phpofficephpspreadsheet>= 4.0.0 < 5.0.05.0.0
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.