CRITICAL
Kaleris
CVE published 2025-06-24
CVE-2025-2566
CVE-2025-2566 is a critical remote code execution issue in Kaleris Navis N4 ULC (Ultra Light Client). According to the CISA CSAF advisory published on 2025-06-24, an unauthenticated attacker can send specially crafted requests that trigger unsafe Java deserialization and execute arbitrary code on the server. The affected product scope in the advisory is Kaleris Navis N4 versions below 4.0, with vendor fix [truncated]