Common Weakness Enumeration

CWE-459

Allowed

Incomplete Cleanup

Abstraction: Base · Status: Draft

The product does not properly "clean up" and remove temporary or supporting resources after they have been used.

223 vulnerabilities reference this CWE, most recent first.

CVE-2026-3304 (GCVE-0-2026-3304)

Vulnerability from cvelistv5 – Published: 2026-02-27 15:44 – Updated: 2026-07-15 01:07
VLAI
Title
Multer vulnerable to Denial of Service via incomplete cleanup
Summary
Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to receive a patch. No known workarounds are available.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
expressjs multer Affected: 0.0.0 , < 2.1.0 (semver)
Create a notification for this product.
Red Hat Red Hat Developer Hub 1.8 Unaffected: 1774545605 , < * (rpm)
    cpe:/a:redhat:rhdh:1.8::el9
Create a notification for this product.
Red Hat Red Hat Developer Hub 1.9 Unaffected: 1775140647 , < * (rpm)
    cpe:/a:redhat:rhdh:1.9::el9
Create a notification for this product.
Red Hat Logging Subsystem for Red Hat OpenShift     cpe:/a:redhat:logging:5
Create a notification for this product.
Red Hat Logging Subsystem for Red Hat OpenShift     cpe:/a:redhat:logging:5
    cpe:/a:redhat:logging:6
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Red Hat Red Hat Trusted Profile Analyzer     cpe:/a:redhat:trusted_profile_analyzer:2
Create a notification for this product.
Red Hat Self-service automation portal 2     cpe:/a:redhat:ansible_portal:2
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-3304",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-27T17:12:20.998590Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-27T17:12:45.375Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:rhdh:1.8::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhdh/rhdh-hub-rhel9",
            "product": "Red Hat Developer Hub 1.8",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1774545605",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://catalog.redhat.com/software/containers/",
            "cpes": [
              "cpe:/a:redhat:rhdh:1.9::el9"
            ],
            "defaultStatus": "affected",
            "packageName": "rhdh/rhdh-hub-rhel9",
            "product": "Red Hat Developer Hub 1.9",
            "vendor": "Red Hat",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "1775140647",
                "versionType": "rpm"
              }
            ]
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:logging:5"
            ],
            "defaultStatus": "unaffected",
            "packageName": "openshift-logging/cluster-logging-operator-bundle",
            "product": "Logging Subsystem for Red Hat OpenShift",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:logging:5"
            ],
            "defaultStatus": "unaffected",
            "packageName": "openshift-logging/cluster-logging-rhel9-operator",
            "product": "Logging Subsystem for Red Hat OpenShift",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:logging:5"
            ],
            "defaultStatus": "unaffected",
            "packageName": "openshift-logging/eventrouter-rhel9",
            "product": "Logging Subsystem for Red Hat OpenShift",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:logging:5"
            ],
            "defaultStatus": "unaffected",
            "packageName": "openshift-logging/fluentd-rhel9",
            "product": "Logging Subsystem for Red Hat OpenShift",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:logging:5"
            ],
            "defaultStatus": "unaffected",
            "packageName": "openshift-logging/log-file-metric-exporter-rhel9",
            "product": "Logging Subsystem for Red Hat OpenShift",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:logging:5"
            ],
            "defaultStatus": "unaffected",
            "packageName": "openshift-logging/logging-view-plugin-rhel9",
            "product": "Logging Subsystem for Red Hat OpenShift",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:logging:5",
              "cpe:/a:redhat:logging:6"
            ],
            "defaultStatus": "unaffected",
            "packageName": "openshift-logging/vector-rhel9",
            "product": "Logging Subsystem for Red Hat OpenShift",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10"
            ],
            "defaultStatus": "unaffected",
            "packageName": "fido-device-onboard",
            "product": "Red Hat Enterprise Linux 10",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10"
            ],
            "defaultStatus": "unaffected",
            "packageName": "firefox",
            "product": "Red Hat Enterprise Linux 10",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10"
            ],
            "defaultStatus": "unaffected",
            "packageName": "thunderbird",
            "product": "Red Hat Enterprise Linux 10",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:7"
            ],
            "defaultStatus": "unaffected",
            "packageName": "firefox",
            "product": "Red Hat Enterprise Linux 7",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:8"
            ],
            "defaultStatus": "unaffected",
            "packageName": "firefox",
            "product": "Red Hat Enterprise Linux 8",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:8"
            ],
            "defaultStatus": "unaffected",
            "packageName": "thunderbird",
            "product": "Red Hat Enterprise Linux 8",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:9"
            ],
            "defaultStatus": "unaffected",
            "packageName": "firefox",
            "product": "Red Hat Enterprise Linux 9",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:9"
            ],
            "defaultStatus": "unaffected",
            "packageName": "thunderbird",
            "product": "Red Hat Enterprise Linux 9",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:trusted_profile_analyzer:2"
            ],
            "defaultStatus": "unaffected",
            "packageName": "rhtpa/rhtpa-trustification-service-rhel9",
            "product": "Red Hat Trusted Profile Analyzer",
            "vendor": "Red Hat"
          },
          {
            "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
            "cpes": [
              "cpe:/a:redhat:ansible_portal:2"
            ],
            "defaultStatus": "affected",
            "packageName": "ansible-automation-platform/automation-portal",
            "product": "Self-service automation portal 2",
            "vendor": "Red Hat"
          }
        ],
        "datePublic": "2026-02-27T15:44:37.187Z",
        "descriptions": [
          {
            "lang": "en",
            "value": "A flaw was found in Multer, a Node.js middleware. A remote attacker could exploit this vulnerability by sending specially crafted malformed requests. This could lead to resource exhaustion, resulting in a Denial of Service (DoS) for the application using Multer."
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "namespace": "https://access.redhat.com/security/updates/classification/",
                "value": "Important"
              },
              "type": "Red Hat severity rating"
            }
          },
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            },
            "format": "CVSS"
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-459",
                "description": "Incomplete Cleanup",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-15T01:07:21.678Z",
          "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
          "shortName": "redhat-SADP"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2026-3304"
          },
          {
            "name": "RHBZ#2443353",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443353"
          },
          {
            "tags": [
              "x_sadp-csaf-vex"
            ],
            "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-3304.json"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:6174"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:6802"
          }
        ],
        "solutions": [
          {
            "lang": "en",
            "value": "RHSA-2026:6174: Red Hat Developer Hub 1.8"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:6802: Red Hat Developer Hub 1.9"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-02-27T16:01:39.674Z",
            "value": "Reported to Red Hat."
          },
          {
            "lang": "en",
            "time": "2026-02-27T15:44:37.187Z",
            "value": "Made public."
          }
        ],
        "title": "multer: Multer: Denial of Service via malformed requests",
        "x_adpType": "supplier",
        "x_generator": {
          "engine": "sadp-cli 1.0.0"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageURL": "pkg:npm/multer",
          "product": "multer",
          "vendor": "expressjs",
          "versions": [
            {
              "lessThan": "2.1.0",
              "status": "affected",
              "version": "0.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to receive a patch. No known workarounds are available."
            }
          ],
          "value": "Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by sending malformed requests, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to receive a patch. No known workarounds are available."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-459",
              "description": "CWE-459",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-27T15:44:37.187Z",
        "orgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
        "shortName": "openjs"
      },
      "references": [
        {
          "url": "https://github.com/expressjs/multer/security/advisories/GHSA-xf7r-hgr6-v32p"
        },
        {
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-3304"
        },
        {
          "url": "https://github.com/expressjs/multer/commit/739919097dde3921ec31b930e4b9025036fa74ee"
        },
        {
          "url": "https://cna.openjsf.org/security-advisories.html"
        }
      ],
      "title": "Multer vulnerable to Denial of Service via incomplete cleanup",
      "x_generator": {
        "engine": "cve-kit 0.1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ce714d77-add3-4f53-aff5-83d477b104bb",
    "assignerShortName": "openjs",
    "cveId": "CVE-2026-3304",
    "datePublished": "2026-02-27T15:44:37.187Z",
    "dateReserved": "2026-02-26T20:42:41.095Z",
    "dateUpdated": "2026-07-15T01:07:21.678Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-0427 (GCVE-0-2026-0427)

Vulnerability from cvelistv5 – Published: 2026-05-15 02:51 – Updated: 2026-05-15 11:33
VLAI
Summary
Improper cleanup of shared register resources in GPU firmware could allow an admin-privileged attacker from a Guest Virtual machine (VM) to access these shared resources from another Guest VM, potentially resulting in the loss of confidentiality, integrity, or availability.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
AMD
Impacted products
Date Public
2026-05-15 02:42
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0427",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-15T11:32:23.250736Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-15T11:33:11.565Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI210",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "GIM 8.2.0.K"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI300X",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "GIM 8.2.0.K"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Instinct\u2122 MI325X",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "GIM 8.2.0.K"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Radeon\u2122 PRO V710",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Contact your AMD Customer Engineering representative"
            }
          ]
        }
      ],
      "datePublic": "2026-05-15T02:42:14.190Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper cleanup of shared register resources in GPU firmware could allow an admin-privileged attacker from a Guest Virtual machine (VM) to access these shared resources from another Guest VM, potentially resulting in the loss of confidentiality, integrity, or availability.  \u003cbr\u003e"
            }
          ],
          "value": "Improper cleanup of shared register resources in GPU firmware could allow an admin-privileged attacker from a Guest Virtual machine (VM) to access these shared resources from another Guest VM, potentially resulting in the loss of confidentiality, integrity, or availability."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-459",
              "description": "CWE-459  Incomplete Cleanup",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-15T02:51:22.457Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-6027.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2026-0427",
    "datePublished": "2026-05-15T02:51:22.457Z",
    "dateReserved": "2025-12-06T13:53:32.646Z",
    "dateUpdated": "2026-05-15T11:33:11.565Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-66675 (GCVE-0-2025-66675)

Vulnerability from cvelistv5 – Published: 2025-12-10 09:32 – Updated: 2025-12-10 14:53
VLAI
Title
Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS) - version ranges fixed
Summary
Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue. It's related to  https://cve.org/CVERecord?id=CVE-2025-64775  - this CVE addresses missing affected version 6.7.4
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Apache Software Foundation Apache Struts Affected: 2.0.0 , ≤ 6.7.* (semver)
Affected: 7.0.0 , ≤ 7.0.* (semver)
Create a notification for this product.
Credits
Nicolas Fournier
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.2,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-66675",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-10T14:52:50.294504Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-10T14:53:13.391Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.struts:struts2-core",
          "product": "Apache Struts",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "6.7.*",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.*",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Nicolas Fournier"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eDenial of Service vulnerability in Apache Struts, f\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eile leak in multipart request processing causes disk exhaustion.\u003c/span\u003e\u003c/span\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue.\u003cbr\u003e\u003cbr\u003eIt\u0027s related to\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://cve.org/CVERecord?id=CVE-2025-64775\"\u003ehttps://cve.org/CVERecord?id=CVE-2025-64775\u003c/a\u003e\u0026nbsp;- this CVE addresses missing affected version 6.7.4\u003c/span\u003e\u003c/p\u003e"
            }
          ],
          "value": "Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion.\n\nThis issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3.\n\nUsers are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue.\n\nIt\u0027s related to\u00a0 https://cve.org/CVERecord?id=CVE-2025-64775 \u00a0- this CVE addresses missing affected version 6.7.4"
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "important"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-459",
              "description": "CWE-459 Incomplete Cleanup",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-10T09:32:58.536Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://cwiki.apache.org/confluence/display/WW/S2-068"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://cve.org/CVERecord?id=CVE-2025-64775"
        }
      ],
      "source": {
        "advisory": "S2-068",
        "discovery": "UNKNOWN"
      },
      "title": "Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS) - version ranges fixed",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-66675",
    "datePublished": "2025-12-10T09:32:58.536Z",
    "dateReserved": "2025-12-07T08:25:45.422Z",
    "dateUpdated": "2025-12-10T14:53:13.391Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-66467 (GCVE-0-2025-66467)

Vulnerability from cvelistv5 – Published: 2026-05-08 12:16 – Updated: 2026-05-09 06:43
VLAI
Title
Apache CloudStack: MinIO policy remains intact on bucket deletion
Summary
Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they previously owned. If another user creates a new bucket with the same name, the previous owners can gain unauthorized read and write access to it by using the previously generated access and secret keys. Users are recommended to upgrade to Apache CloudStack versions 4.20.3.0 or 4.22.0.1, or later, which fixes this issue.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Apache Software Foundation Apache CloudStack Affected: 4.19.0.0 , ≤ 4.20.2.0 (semver)
Affected: 4.21.0.0 , ≤ 4.22.0.0 (semver)
Create a notification for this product.
Credits
Roman Kozello <roman.kozello@gmail.com>
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-66467",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-08T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-09T03:55:50.931Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-05-09T06:43:02.627Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/09/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache CloudStack",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "4.20.2.0",
              "status": "affected",
              "version": "4.19.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.22.0.0",
              "status": "affected",
              "version": "4.21.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Roman Kozello \u003croman.kozello@gmail.com\u003e"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they previously owned. If another user creates a new bucket with the same name, the previous owners can gain unauthorized read and write access to it by using the previously generated access and secret keys.\u003cbr\u003e\u003cbr\u003eUsers are recommended to upgrade to Apache CloudStack versions 4.20.3.0 or 4.22.0.1, or later, which fixes this issue."
            }
          ],
          "value": "Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they previously owned. If another user creates a new bucket with the same name, the previous owners can gain unauthorized read and write access to it by using the previously generated access and secret keys.\n\nUsers are recommended to upgrade to Apache CloudStack versions 4.20.3.0 or 4.22.0.1, or later, which fixes this issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "important"
            },
            "type": "Textual description of severity"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-459",
              "description": "CWE-459 Incomplete Cleanup",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-08T12:16:04.822Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/n8mt5b7wkpysstb8w7rr9f02kc5cq2xm"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache CloudStack: MinIO policy remains intact on bucket deletion",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-66467",
    "datePublished": "2026-05-08T12:16:04.822Z",
    "dateReserved": "2025-12-02T12:29:57.723Z",
    "dateUpdated": "2026-05-09T06:43:02.627Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-64775 (GCVE-0-2025-64775)

Vulnerability from cvelistv5 – Published: 2025-12-01 16:07 – Updated: 2025-12-01 18:23
VLAI
Title
Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS)
Summary
Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Apache Software Foundation Apache Struts Affected: 2.0.0 , ≤ 6.7.0 (semver)
Affected: 7.0.0 , ≤ 7.0.3 (semver)
Create a notification for this product.
Credits
Nicolas Fournier
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-12-01T17:05:44.577Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/12/01/2"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-64775",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-01T18:22:57.451278Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-01T18:23:17.469Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.struts:struts2-core",
          "product": "Apache Struts",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "6.7.0",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.3",
              "status": "affected",
              "version": "7.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Nicolas Fournier"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eDenial of Service vulnerability in Apache Struts, f\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eile leak in multipart request processing causes disk exhaustion.\u003c/span\u003e\u003c/span\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion.\n\nThis issue affects Apache Struts: from 2.0.0 through 6.7.0, from 7.0.0 through 7.0.3.\n\nUsers are recommended to upgrade to version 6.8.0 or 7.1.1, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "important"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-459",
              "description": "CWE-459 Incomplete Cleanup",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-01T16:07:36.573Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://cwiki.apache.org/confluence/display/WW/S2-068"
        }
      ],
      "source": {
        "advisory": "S2-068",
        "discovery": "EXTERNAL"
      },
      "title": "Apache Struts: File leak in multipart request processing causes disk exhaustion (DoS)",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-64775",
    "datePublished": "2025-12-01T16:07:36.573Z",
    "dateReserved": "2025-11-11T15:12:23.069Z",
    "dateUpdated": "2025-12-01T18:23:17.469Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-59781 (GCVE-0-2025-59781)

Vulnerability from cvelistv5 – Published: 2025-10-15 13:55 – Updated: 2026-02-26 16:57
VLAI
Title
BIG-IP DNS cache vulnerability
Summary
When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
f5
References
Impacted products
Vendor Product Version
F5 BIG-IP Unaffected: 17.5.0 , < * (custom)
Affected: 17.1.0 , < 17.1.2.2 (custom)
Affected: 16.1.0 , < 16.1.6 (custom)
Affected: 15.1.0 , < 15.1.10.8 (custom)
Create a notification for this product.
F5 BIG-IP Next CNF Unaffected: 2.0.0 , < * (custom)
Affected: 1.1.0 , < * (custom)
Create a notification for this product.
Date Public
2025-10-15 14:00
Credits
F5
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59781",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-16T03:56:29.588489Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T16:57:45.910Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "modules": [
            "All Modules"
          ],
          "product": "BIG-IP",
          "vendor": "F5",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "17.5.0",
              "versionType": "custom"
            },
            {
              "lessThan": "17.1.2.2",
              "status": "affected",
              "version": "17.1.0",
              "versionType": "custom"
            },
            {
              "lessThan": "16.1.6",
              "status": "affected",
              "version": "16.1.0",
              "versionType": "custom"
            },
            {
              "lessThan": "15.1.10.8",
              "status": "affected",
              "version": "15.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "BIG-IP Next CNF",
          "vendor": "F5",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "1.4.0-EHF-3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "*",
              "status": "affected",
              "version": "1.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "F5"
        }
      ],
      "datePublic": "2025-10-15T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWhen DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization\u003c/span\u003e.\u0026nbsp;\u0026nbsp; Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization.\u00a0\u00a0 Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-459",
              "description": "CWE-459 Incomplete Cleanup",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-15T13:55:46.562Z",
        "orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
        "shortName": "f5"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://my.f5.com/manage/s/article/K000150637"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "BIG-IP DNS cache vulnerability",
      "x_generator": {
        "engine": "F5 SIRTBot v1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
    "assignerShortName": "f5",
    "cveId": "CVE-2025-59781",
    "datePublished": "2025-10-15T13:55:46.562Z",
    "dateReserved": "2025-10-03T23:04:21.072Z",
    "dateUpdated": "2026-02-26T16:57:45.910Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-43711 (GCVE-0-2025-43711)

Vulnerability from cvelistv5 – Published: 2025-07-04 00:00 – Updated: 2025-07-08 14:36
VLAI
Summary
Tunnelblick 3.5beta06 before 7.0, when incompletely uninstalled, allows attackers to execute arbitrary code as root (upon the next boot) by dragging a crafted Tunnelblick.app file into /Applications.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Tunnelblick Project Tunnelblick Affected: 3.5beta06 , < 7.0 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-43711",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-08T13:13:19.239199Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-08T14:36:02.112Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Tunnelblick",
          "vendor": "Tunnelblick Project",
          "versions": [
            {
              "lessThan": "7.0",
              "status": "affected",
              "version": "3.5beta06",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Tunnelblick 3.5beta06 before 7.0, when incompletely uninstalled, allows attackers to execute arbitrary code as root (upon the next boot) by dragging a crafted Tunnelblick.app file into /Applications."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-459",
              "description": "CWE-459 Incomplete Cleanup",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-04T23:33:50.119Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://tunnelblick.net/downloads.html"
        },
        {
          "url": "https://tunnelblick.net/cCVE-2025-43711.html"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-43711",
    "datePublished": "2025-07-04T00:00:00.000Z",
    "dateReserved": "2025-04-17T00:00:00.000Z",
    "dateUpdated": "2025-07-08T14:36:02.112Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-31650 (GCVE-0-2025-31650)

Vulnerability from cvelistv5 – Published: 2025-04-28 19:14 – Updated: 2025-11-03 19:53
VLAI
Title
Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame
Summary
Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service. This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.90 though 8.5.100. Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Apache Software Foundation Apache Tomcat Affected: 9.0.76 , ≤ 9.0.102 (semver)
Affected: 10.1.10 , ≤ 10.1.39 (semver)
Affected: 11.0.0-M2 , ≤ 11.0.5 (semver)
Affected: 8.5.90 , ≤ 8.5.100 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:53:11.497Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/04/28/2"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-31650",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-06T20:07:38.530859Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-06T20:07:50.531Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "9.0.102",
              "status": "affected",
              "version": "9.0.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.1.39",
              "status": "affected",
              "version": "10.1.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "11.0.5",
              "status": "affected",
              "version": "11.0.0-M2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.5.100",
              "status": "affected",
              "version": "8.5.90",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eImproper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5.\u003cbr\u003eThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.90 though 8.5.100.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.\u003c/p\u003e"
            }
          ],
          "value": "Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service.\n\nThis issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5.\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.90 though 8.5.100.\n\n\nUsers are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "important"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-459",
              "description": "CWE-459 Incomplete Cleanup",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-08T11:43:00.251Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/j6zzk0y3yym9pzfzkq5vcyxzz0yzh826"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-31650",
    "datePublished": "2025-04-28T19:14:31.107Z",
    "dateReserved": "2025-03-31T12:13:57.705Z",
    "dateUpdated": "2025-11-03T19:53:11.497Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-29934 (GCVE-0-2025-29934)

Vulnerability from cvelistv5 – Published: 2025-11-21 18:45 – Updated: 2025-11-23 17:30
VLAI
Summary
A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest using stale TLB entries, potentially resulting in loss of data integrity.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
AMD
Date Public
2025-11-21 18:44
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-29934",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-21T19:02:59.284742Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-21T19:03:15.508Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Genoa 1.0.0.E"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 9005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Turin 1.0.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 8004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Genoa 1.0.0.E"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 7003 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbMilanPI-SP3 v9 1.0.0.B"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Genoa\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9005 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbTurinPI-SP5 1.0.0.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 9004 Series Processors (formerly codenamed \"Bergamo\")",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD EPYC\u2122 Embedded 8004 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "EmbGenoaPI-SP5 1.0.0.A"
            }
          ]
        }
      ],
      "datePublic": "2025-11-21T18:44:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest using stale TLB entries, potentially resulting in loss of data integrity.\t\r\n\u003cbr\u003e"
            }
          ],
          "value": "A bug within some AMD CPUs could allow a local admin-privileged attacker to run a SEV-SNP guest using stale TLB entries, potentially resulting in loss of data integrity."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-459",
              "description": "CWE-459  Incomplete Cleanup",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-23T17:30:46.143Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/AMD-SB-3029.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "AMD PSIRT Automation 1.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2025-29934",
    "datePublished": "2025-11-21T18:45:16.849Z",
    "dateReserved": "2025-03-12T15:14:59.391Z",
    "dateUpdated": "2025-11-23T17:30:46.143Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-21609 (GCVE-0-2025-21609)

Vulnerability from cvelistv5 – Published: 2025-01-03 16:26 – Updated: 2025-01-03 17:14
VLAI
Title
SiYuan has an arbitrary file deletion vulnerability
Summary
SiYuan is self-hosted, open source personal knowledge management software. SiYuan Note version 3.1.18 has an arbitrary file deletion vulnerability. The vulnerability exists in the `POST /api/history/getDocHistoryContent` endpoint. An attacker can craft a payload to exploit this vulnerability, resulting in the deletion of arbitrary files on the server. Commit d9887aeec1b27073bec66299a9a4181dc42969f3 fixes this vulnerability and is expected to be available in version 3.1.19.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-459 - Incomplete Cleanup
  • CWE-552 - Files or Directories Accessible to External Parties
Assigner
References
Impacted products
Vendor Product Version
siyuan-note siyuan Affected: = 3.1.18
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-21609",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-03T17:03:32.565543Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-03T17:14:23.915Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "siyuan",
          "vendor": "siyuan-note",
          "versions": [
            {
              "status": "affected",
              "version": "= 3.1.18"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SiYuan is self-hosted, open source personal knowledge management software. SiYuan Note version 3.1.18 has an arbitrary file deletion vulnerability. The vulnerability exists in the `POST /api/history/getDocHistoryContent` endpoint. An attacker can craft a payload to exploit this vulnerability, resulting in the deletion of arbitrary files on the server. Commit d9887aeec1b27073bec66299a9a4181dc42969f3 fixes this vulnerability and is expected to be available in version 3.1.19."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-459",
              "description": "CWE-459: Incomplete Cleanup",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-552",
              "description": "CWE-552: Files or Directories Accessible to External Parties",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-03T16:26:36.420Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-8fx8-pffw-w498",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-8fx8-pffw-w498"
        },
        {
          "name": "https://github.com/siyuan-note/siyuan/commit/d9887aeec1b27073bec66299a9a4181dc42969f3",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/siyuan-note/siyuan/commit/d9887aeec1b27073bec66299a9a4181dc42969f3"
        }
      ],
      "source": {
        "advisory": "GHSA-8fx8-pffw-w498",
        "discovery": "UNKNOWN"
      },
      "title": "SiYuan has an arbitrary file deletion vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-21609",
    "datePublished": "2025-01-03T16:26:36.420Z",
    "dateReserved": "2024-12-29T03:00:24.712Z",
    "dateUpdated": "2025-01-03T17:14:23.915Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Architecture and Design Implementation

Temporary files and other supporting resources should be deleted/released immediately after they are no longer needed.

No CAPEC attack patterns related to this CWE.