CVE-2025-58087
published 2026-01-20CVE-2025-58087: Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted…
PriorityP427medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
0.24%
15.0th percentile
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This vulnerability affects the status parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| meddream | meddream_pacs_premium | — | — |
| meddream | pacs_server | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
Foxit, Epic Games Store, MedDreams vulnerabilities
blogs_talos·2026-01-22·CVSS 8.8
[HIGH] Foxit, Epic Games Store, MedDreams vulnerabilities
## Foxit, Epic Games Store, MedDreams vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities in Foxit PDF Editor, one in the Epic Games Store, and twenty-one in MedDream PACS.
The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy .
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org , and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website .
## Foxit privilege escalation and use-after-free vulnerabilities
Discovered by KPC of Cisco Talos.
Foxit PDF Editor is a popular PDF handling platform for editing, e-signing, an
Talos
Foxit, Epic Games Store, MedDreams vulnerabilities
blogs_talos·2026-01-22·CVSS 8.8
[HIGH] Foxit, Epic Games Store, MedDreams vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities in Foxit PDF Editor, one in the Epic Games Store, and twenty-one in MedDream PACS.
The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy.
For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.
## Foxit privilege escalation and use-after-free vulnerabilities
Discovered by KPC of Cisco Talos.
Foxit PDF Editor is a popular PDF handling platform for editing, e-signing, and collaborating on PDF documents. Talos found three vulner
2026-01-20
Published