CVE advisoryCRITICAL
CVE-2025-56218
SigningHub Arbitrary File Upload Code Execution
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
An arbitrary file upload vulnerability in SigningHub enables attackers to execute arbitrary code by uploading a crafted PDF. This could lead to system compromise if the affected technology is reachable.