Intelligence Brief
January 1, 2025
CVE-2025-54068

Laravel Livewire — Unauthenticated Remote Code Execution via Property Hydration

CVSS 9.3 CRITICAL
KEV CONFIRMED
EPSS Probability: 0.0%

CVE-2025-54068 is a remote code execution vulnerability in Laravel Livewire v3 through version 3.6.3, caused by insecure handling of attacker-controlled data when component property updates are hydrated. An unauthenticated attacker can achieve remote command execution on applications with vulnerable component configurations, with no credentials and no user interaction required. CISA added this to the KEV catalog on March 20, 2026, following confirmed active exploitation by an Iranian threat actor using a dedicated Nuclei scanning template recovered from a live C2 server.
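To triage exposure, the check below reads a project's `composer.lock` and reports whether the locked `livewire/livewire` version falls in the range this brief gives (v3 through 3.6.3). It is an added example, not code from this brief or from the Livewire project; the sample lockfile is constructed, and the check covers only the version range, not whether a component configuration is vulnerable.

```python
import json
import re

PACKAGE = "livewire/livewire"
LAST_AFFECTED = (3, 6, 3)  # upper bound taken from the brief: v3 through 3.6.3


def parse_version(raw):
    """Return (major, minor, patch), or None for branch aliases such as dev-main."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)(?:[-+].*)?", raw.strip())
    return tuple(int(part) for part in m.groups()) if m else None


def livewire_status(lock_text):
    """Classify a composer.lock as 'affected', 'not-affected', 'unknown' or 'absent'."""
    lock = json.loads(lock_text)
    # Composer records runtime and dev dependencies in two separate arrays.
    entries = (lock.get("packages") or []) + (lock.get("packages-dev") or [])
    for pkg in entries:
        if pkg.get("name", "").lower() != PACKAGE:
            continue
        version = parse_version(pkg.get("version", ""))
        if version is None:
            # A branch checkout cannot be compared numerically; review by hand.
            return "unknown"
        in_range = version[0] == 3 and version <= LAST_AFFECTED
        return "affected" if in_range else "not-affected"
    return "absent"


# Constructed sample lockfile (not taken from a real project).
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "laravel/framework", "version": "v11.9.2"},
        {"name": "livewire/livewire", "version": "v3.5.12"},
    ],
    "packages-dev": [],
})

if __name__ == "__main__":
    print(PACKAGE, "->", livewire_status(SAMPLE_LOCK))
```

Versions outside the v3 line are reported as `not-affected` only because the brief does not list them as affected; an `unknown` result means the lockfile pins a branch and needs manual review.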

Powered by RiskScore — https://api.riskscore.dev