CVE-2025-54068

Name: CVE-2025-54068
Creator: NVD / NIST
Published: 2025-07-17T19:15:25.47+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

CRITICALCVSS 9.2/10Actively ExploitedEPSS 95.38%

Last modified Jun 17, 2026

CVE-2025-54068 is a critical-severity vulnerability rated 9.2/10 on the CVSS scale. Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers to achieve remote command execution in specific scenarios. CISA has confirmed active exploitation in the wild. EPSS estimates a 95.38% chance of exploitation in the next 30 days.

Description

Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers to achieve remote command execution in specific scenarios. The issue stems from how certain component property updates are hydrated. This vulnerability is unique to Livewire v3 and does not affect prior major versions. Exploitation requires a component to be mounted and configured in a particular way, but does not require authentication or user interaction. This issue has been patched in Livewire v3.6.4. All users are strongly encouraged to upgrade to this version or later as soon as possible. No known workarounds are available.

Metrics

CVSS 3.1

9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 4.0

9.2/10

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

EPSS Probability

95.38%

99.9th percentile

Probability of exploitation in the next 30 days. Learn more

Exploitation Status

This vulnerability is listed in CISA’s Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. Federal agencies must remediate by Apr 3, 2026.

Weakness Enumeration

CWE-94

Affected Software

Vendor	Product	Versions
Laravel	Livewire	>= 3.0.0, < 3.6.4

References

https://github.com/livewire/livewire/commit/ef04be759da41b14d2d129e670533180a44987dcPatch
https://github.com/livewire/livewire/releases/tag/v3.6.4Release Notes
https://github.com/livewire/livewire/security/advisories/GHSA-29cq-5w36-x7w3Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54068US Government Resource
https://www.threathunter.ai/blog/iranian-threat-actor-tools-techniques-iocs-ioas/Third Party Advisory

Timeline

Published: Jul 17, 2025
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2025-54068?

How severe is CVE-2025-54068?

CVE-2025-54068 has a CVSS score of 9.2/10 (CRITICAL severity). The EPSS model estimates a 95.38% probability of exploitation in the next 30 days. This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog.

How do I fix CVE-2025-54068?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-54068?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST