Arbitrary File Deletion Vulnerability in WiseCleaner Wise Force Deleter
CVE-2025-66680

7.1HIGH

Key Information:

Vendor: WiseCleaner
Status: Wise Force Deleter
Vendor: CVE Published:; 3 March 2026

🔔 Create WiseCleaner Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-66680?

A vulnerability exists in the WiseDelfile64.sys component of WiseCleaner Wise Force Deleter versions 7.3.2 and earlier, which allows attackers to execute crafted requests that can lead to unauthorized deletion of arbitrary files from the system. This issue poses a significant risk as it can compromise data integrity and is exploitable in various attack scenarios.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-66680
Created by cwjchoi01

References

https://www.wisecleaner.com/wise-force-deleter.html

https://github.com/cwjchoi01/CVE-2025-66680/tree/main

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Mar 3, 2026
👾
Exploit known to exist
Mar 3, 2026
Vulnerability published
Mar 3, 2026
Vulnerability Reserved
Dec 8, 2025

CVE-2025-66680 Data

JSON