Common Weakness Enumeration

CWE-476

Allowed

NULL Pointer Dereference

Abstraction: Base · Status: Stable

The product dereferences a pointer that it expects to be valid but is NULL.

6310 vulnerabilities reference this CWE, most recent first.

CVE-2025-60007 (GCVE-0-2025-60007)

Vulnerability from cvelistv5 – Published: 2026-01-15 20:16 – Updated: 2026-03-16 18:18
VLAI
Title
Junos OS: A specifically crafted 'show chassis' command causes chassisd to crash
Summary
A NULL Pointer Dereference vulnerability in the chassis daemon (chassisd) of Juniper Networks Junos OS on MX, SRX and EX Series allows a local attacker with low privileges to cause a Denial-of-Service (DoS). When a user executes the 'show chassis' command with specifically crafted options, chassisd will crash and restart. Due to this all components but the Routing Engine (RE) in the chassis are reinitialized, which leads to a complete service outage, which the system automatically recovers from. This issue affects: Junos OS on MX, SRX and EX Series, except MX10000 Series and MX304:  * all versions before 22.4R3-S8, * 23.2 versions before 23.2R2-S5, * 23.4 versions before 23.4R2-S6, * 24.2 versions before 24.2R2-S2, * 24.4 versions before 24.4R2.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-476 - NULL Pointer Dereference
Assigner
References
URL Tags
https://supportportal.juniper.net/ vendor-advisory
https://kb.juniper.net/JSA103173 vendor-advisory
Impacted products
Vendor Product Version
Juniper Networks Junos OS Affected: 0 , < 22.4R3-S8 (semver)
Affected: 23.2 , < 23.2R2-S5 (semver)
Affected: 23.4 , < 23.4R2-S6 (semver)
Affected: 24.2 , < 24.2R2-S2 (semver)
Affected: 24.4 , < 24.4R2 (semver)
Create a notification for this product.
Date Public
2026-01-14 17:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-60007",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-15T21:10:02.048889Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-15T21:10:13.435Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "MX Series",
            "EX Series",
            "SRX Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "22.4R3-S8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "23.2R2-S5",
              "status": "affected",
              "version": "23.2",
              "versionType": "semver"
            },
            {
              "lessThan": "23.4R2-S6",
              "status": "affected",
              "version": "23.4",
              "versionType": "semver"
            },
            {
              "lessThan": "24.2R2-S2",
              "status": "affected",
              "version": "24.2",
              "versionType": "semver"
            },
            {
              "lessThan": "24.4R2",
              "status": "affected",
              "version": "24.4",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2026-01-14T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A NULL Pointer Dereference vulnerability in the chassis daemon (chassisd) of Juniper Networks Junos OS on MX, SRX and EX Series allows a local attacker with low privileges to cause a Denial-of-Service (DoS).\u003cbr\u003e\u003cbr\u003e\u003cbr\u003eWhen a user executes the \u0027show chassis\u0027 command with specifically crafted options, chassisd will crash and restart. Due to this all components but the Routing Engine (RE) in the chassis are reinitialized, which leads to a complete service outage, which the system automatically recovers from.\u003cbr\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects:\u003c/p\u003e\u003cp\u003eJunos OS on MX, SRX and EX Series,  except MX10000 Series and MX304:\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eall versions before 22.4R3-S8,\u003c/li\u003e\u003cli\u003e23.2 versions before 23.2R2-S5,\u003c/li\u003e\u003cli\u003e23.4 versions before 23.4R2-S6,\u003c/li\u003e\u003cli\u003e24.2 versions before 24.2R2-S2,\u003c/li\u003e\u003cli\u003e24.4 versions before 24.4R2.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "A NULL Pointer Dereference vulnerability in the chassis daemon (chassisd) of Juniper Networks Junos OS on MX, SRX and EX Series allows a local attacker with low privileges to cause a Denial-of-Service (DoS).\n\n\nWhen a user executes the \u0027show chassis\u0027 command with specifically crafted options, chassisd will crash and restart. Due to this all components but the Routing Engine (RE) in the chassis are reinitialized, which leads to a complete service outage, which the system automatically recovers from.\n\n\n\nThis issue affects:\n\nJunos OS on MX, SRX and EX Series,  except MX10000 Series and MX304:\u00a0\n\n\n\n  *  all versions before 22.4R3-S8,\n  *  23.2 versions before 23.2R2-S5,\n  *  23.4 versions before 23.4R2-S6,\n  *  24.2 versions before 24.2R2-S2,\n  *  24.4 versions before 24.4R2."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/RE:M",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476 NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-16T18:18:52.683Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportportal.juniper.net/"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://kb.juniper.net/JSA103173"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The following software releases have been updated to resolve this specific issue: 22.4R3-S8, 23.2R2-S5, 23.4R2-S6, 24.2R2-S2, 24.4R2, 25.2R1, and all subsequent releases."
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue: 22.4R3-S8, 23.2R2-S5, 23.4R2-S6, 24.2R2-S2, 24.4R2, 25.2R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA103173",
        "defect": [
          "1854693"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Junos OS: A specifically crafted \u0027show chassis\u0027 command causes chassisd to crash",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "To prevent this issue from being exploited please use CLI authorization to prevent the execution of the \u0027show chassis\u0027 command."
            }
          ],
          "value": "To prevent this issue from being exploited please use CLI authorization to prevent the execution of the \u0027show chassis\u0027 command."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2025-60007",
    "datePublished": "2026-01-15T20:16:22.617Z",
    "dateReserved": "2025-09-23T18:19:06.961Z",
    "dateUpdated": "2026-03-16T18:18:52.683Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-59967 (GCVE-0-2025-59967)

Vulnerability from cvelistv5 – Published: 2025-10-09 15:47 – Updated: 2025-10-09 16:11
VLAI
Title
Junos OS Evolved: ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509: When specific valid multicast traffic is received on the L3 interface on a vulnerable device evo-pfemand crashes and restarts
Summary
A NULL Pointer Dereference vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved on ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509 devices allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). Whenever specific valid multicast traffic is received on any layer 3 interface the evo-pfemand process crashes and restarts. Continued receipt of specific valid multicast traffic results in a sustained Denial of Service (DoS) attack. This issue affects Junos OS Evolved on ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509:  * from 23.2R2-EVO before 23.2R2-S4-EVO,  * from 23.4R1-EVO before 23.4R2-EVO. This issue affects IPv4 and IPv6. This issue does not affect Junos OS Evolved ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509 versions before 23.2R2-EVO.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
Vendor Product Version
Juniper Networks Junos OS Evolved Affected: 23.2R2-EVO , < 23.2R2-S4-EVO (semver)
Affected: 23.4R1-EVO , < 23.4R2-EVO (semver)
Create a notification for this product.
Date Public
2025-10-08 16:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59967",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-09T16:10:54.290535Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-09T16:11:02.135Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "evo-pfemand"
          ],
          "platforms": [
            "ACX7348",
            "ACX7024",
            "ACX7509",
            "ACX7024X",
            "ACX7100-32C",
            "ACX7100-48L"
          ],
          "product": "Junos OS Evolved",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "23.2R2-S4-EVO",
              "status": "affected",
              "version": "23.2R2-EVO",
              "versionType": "semver"
            },
            {
              "lessThan": "23.4R2-EVO",
              "status": "affected",
              "version": "23.4R1-EVO",
              "versionType": "semver"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRequired Configuration for Exposure:\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e\u003ctt\u003e\u0026nbsp; [ Interface \u201cinterface\u201d unit \u201cunit\u201d\nfamily inet\naddress \u201caddress\u201d ]\u003cbr\u003eor\u003cbr\u003e\u0026nbsp; [ Interface \u201cinterface\u201d unit \u201cunit\u201d\nfamily inet6 address \u201caddress\u201d ]\u003cbr\u003e\u003c/tt\u003e\u003cp\u003eThis issue does not require a multicast configuration to be set on the device.\u003cbr\u003e\u003c/p\u003e\u003ctt\u003e\u003c/tt\u003e"
            }
          ],
          "value": "Required Configuration for Exposure:\n\n\u00a0 [ Interface \u201cinterface\u201d unit \u201cunit\u201d\nfamily inet\naddress \u201caddress\u201d ]\nor\n\u00a0 [ Interface \u201cinterface\u201d unit \u201cunit\u201d\nfamily inet6 address \u201caddress\u201d ]\nThis issue does not require a multicast configuration to be set on the device."
        }
      ],
      "datePublic": "2025-10-08T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA NULL Pointer Dereference vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved on \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7024,\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7024X,\u003c/span\u003e\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7100-32C,\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7100-48L,\u0026nbsp;\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7348,\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7509 devices a\u003c/span\u003e\u003c/span\u003e\u003c/span\u003ellows an unauthenticated, adjacent attacker to cause a \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDenial-of-Service (DoS).\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e\u003cbr\u003eWhenever specific valid multicast traffic is received on any layer 3 interface the evo-pfemand process crashes and restarts.\u003cbr\u003e\u003cbr\u003eContinued receipt of specific valid multicast traffic\u003cspan style=\"background-color: rgb(251, 251, 251);\"\u003e\u0026nbsp;results in a sustained Denial of Service (DoS) attack. \u003cbr\u003e\u003c/span\u003e\u003cp\u003eThis issue affects Junos OS Evolved on \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7024, \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7024X,\u003c/span\u003e\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7100-32C, \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7100-48L, \u003c/span\u003e\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7348, \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7509:\u0026nbsp;\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003efrom 23.2R2-EVO before 23.2R2-S4-EVO,\u0026nbsp;\u003c/li\u003e\u003cli\u003efrom 23.4R1-EVO before 23.4R2-EVO.\u003c/li\u003e\u003c/ul\u003eThis issue affects IPv4 and IPv6. \u003cbr\u003e\u003cbr\u003eThis issue does not affect  Junos OS Evolved \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7024, \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7024X,\u003c/span\u003e\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7100-32C, \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7100-48L, \u003c/span\u003e\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7348, \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eACX7509\u0026nbsp;\u003c/span\u003e\u003c/span\u003e\u003c/span\u003eversions before 23.2R2-EVO.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003c/span\u003e\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "A NULL Pointer Dereference vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved on ACX7024,\u00a0ACX7024X,\u00a0ACX7100-32C,\u00a0ACX7100-48L,\u00a0ACX7348,\u00a0ACX7509 devices allows an unauthenticated, adjacent attacker to cause a \n\nDenial-of-Service (DoS).\n\nWhenever specific valid multicast traffic is received on any layer 3 interface the evo-pfemand process crashes and restarts.\n\nContinued receipt of specific valid multicast traffic\u00a0results in a sustained Denial of Service (DoS) attack. \nThis issue affects Junos OS Evolved on ACX7024, ACX7024X,\u00a0ACX7100-32C, ACX7100-48L, ACX7348, ACX7509:\u00a0\n\n\n\n  *  from 23.2R2-EVO before 23.2R2-S4-EVO,\u00a0\n  *  from 23.4R1-EVO before 23.4R2-EVO.\n\n\nThis issue affects IPv4 and IPv6. \n\nThis issue does not affect  Junos OS Evolved ACX7024, ACX7024X,\u00a0ACX7100-32C, ACX7100-48L, ACX7348, ACX7509\u00a0versions before 23.2R2-EVO."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "GREEN",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/R:A/V:C/RE:M/U:Green",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-09T15:47:10.103Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportportal.juniper.net/JSA103156"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The following software releases have been updated to resolve this specific issue: \u003cbr\u003e\u003cbr\u003eJunos OS Evolved: 23.2R2-S4-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases."
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS Evolved: 23.2R2-S4-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA103156",
        "defect": [
          "1807221"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS Evolved: ACX7024, ACX7024X, ACX7100-32C,  ACX7100-48L, ACX7348, ACX7509: When specific valid multicast traffic is received on the L3 interface on a vulnerable device evo-pfemand crashes and restarts",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "There are no known workarounds for this issue.\u003cbr\u003eTo reduce the risk of exploitation, enable access control lists (ACLs) and other filtering mechanisms to limit access to the device only from trusted hosts.\u003cbr\u003e"
            }
          ],
          "value": "There are no known workarounds for this issue.\nTo reduce the risk of exploitation, enable access control lists (ACLs) and other filtering mechanisms to limit access to the device only from trusted hosts."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2025-59967",
    "datePublished": "2025-10-09T15:47:10.103Z",
    "dateReserved": "2025-09-23T18:19:06.955Z",
    "dateUpdated": "2025-10-09T16:11:02.135Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-59836 (GCVE-0-2025-59836)

Vulnerability from cvelistv5 – Published: 2025-10-13 20:43 – Updated: 2025-10-14 14:28
VLAI
Title
Omni is Vulnerable to DoS via Empty Create/Update Resource Requests
Summary
Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, there is a nil pointer dereference vulnerability in the Omni Resource Service allows unauthenticated users to cause a server panic and denial of service by sending empty create/update resource requests through the API endpoints. The vulnerability exists in the isSensitiveSpec function which calls grpcomni.CreateResource without checking if the resource's metadata field is nil. When a resource is created with an empty Metadata field, the CreateResource function attempts to access resource.Metadata.Version causing a segmentation fault. This vulnerability is fixed in 1.1.5 and 1.0.2.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-703 - Improper Check or Handling of Exceptional Conditions
  • CWE-476 - NULL Pointer Dereference
Assigner
Impacted products
Vendor Product Version
siderolabs omni Affected: >= 1.1.0-beta.0, < 1.1.5
Affected: < 1.0.2
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59836",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-14T14:28:04.746854Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-14T14:28:17.108Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "omni",
          "vendor": "siderolabs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.1.0-beta.0, \u003c 1.1.5"
            },
            {
              "status": "affected",
              "version": "\u003c 1.0.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, there is a nil pointer dereference vulnerability in the Omni Resource Service allows unauthenticated users to cause a server panic and denial of service by sending empty create/update resource requests through the API endpoints. The vulnerability exists in the isSensitiveSpec function which calls grpcomni.CreateResource without checking if the resource\u0027s metadata field is nil. When a resource is created with an empty Metadata field, the CreateResource function attempts to access resource.Metadata.Version causing a segmentation fault. This vulnerability is fixed in 1.1.5 and 1.0.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-703",
              "description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-13T20:45:48.663Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/siderolabs/omni/security/advisories/GHSA-4p3p-cr38-v5xp",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/siderolabs/omni/security/advisories/GHSA-4p3p-cr38-v5xp"
        },
        {
          "name": "https://github.com/siderolabs/omni/commit/1396083f766a1b0380e9949968d7fc17b7afecaa",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/siderolabs/omni/commit/1396083f766a1b0380e9949968d7fc17b7afecaa"
        },
        {
          "name": "https://github.com/siderolabs/omni/commit/1fd954af64985a8b3dbf5b11deddbf7cd953f5ae",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/siderolabs/omni/commit/1fd954af64985a8b3dbf5b11deddbf7cd953f5ae"
        }
      ],
      "source": {
        "advisory": "GHSA-4p3p-cr38-v5xp",
        "discovery": "UNKNOWN"
      },
      "title": "Omni is Vulnerable to DoS via Empty Create/Update Resource Requests"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-59836",
    "datePublished": "2025-10-13T20:43:40.844Z",
    "dateReserved": "2025-09-22T14:34:03.471Z",
    "dateUpdated": "2025-10-14T14:28:17.108Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-59777 (GCVE-0-2025-59777)

Vulnerability from cvelistv5 – Published: 2025-11-10 04:10 – Updated: 2025-11-10 21:41
VLAI
Summary
NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-476 - NULL pointer dereference
Assigner
Impacted products
Vendor Product Version
GNU Project GNU libbmicrohttpd Affected: v1.0.2 and earlier (The vulnerability remains in the source code up until commit ff13abc on the master branch of the libmicrohttpd Git repository
Affected: after the v1.0.2 tag.)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59777",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-10T21:40:57.327820Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-10T21:41:04.217Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "GNU libbmicrohttpd",
          "vendor": "GNU Project",
          "versions": [
            {
              "status": "affected",
              "version": "v1.0.2 and earlier (The vulnerability remains in the source code up until commit ff13abc on the master branch of the libmicrohttpd Git repository"
            },
            {
              "status": "affected",
              "version": "after the v1.0.2 tag.)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL pointer dereference",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-10T04:10:44.836Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://www.gnu.org/software/libmicrohttpd/"
        },
        {
          "url": "https://git.gnunet.org/libmicrohttpd.git/commit/?id=ff13abc1c1d7d2b30d69d5c0bd4a237e1801c50b"
        },
        {
          "url": "https://jvn.jp/en/jp/JVN76719218/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2025-59777",
    "datePublished": "2025-11-10T04:10:44.836Z",
    "dateReserved": "2025-11-03T23:35:54.488Z",
    "dateUpdated": "2025-11-10T21:41:04.217Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-59668 (GCVE-0-2025-59668)

Vulnerability from cvelistv5 – Published: 2025-09-30 04:06 – Updated: 2025-10-31 14:12 Unsupported When Assigned
VLAI
Summary
Multiple versions of Central Monitor CNS-6201 contain a NULL pointer dereference vulnerability. When processing a crafted certain UDP packet, the affected device may abnormally terminate.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-476 - NULL pointer dereference
Assigner
Impacted products
Vendor Product Version
NIHON KOHDEN CORPORATION Central Monitor CNS-6201 Affected: 01-03
Affected: 01-04
Affected: 01-05
Affected: 01-06
Affected: 02-10
Affected: 02-11
Affected: and 02-40
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59668",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-30T15:46:30.521096Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-30T15:46:39.862Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-10-31T14:12:10.064Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-296-01"
          },
          {
            "url": "https://www.nihonkohden.com/security/main/01112/teaserItems3/0/linkList/0/link/NKcorporateResponse-CNS-6201_CentralMonitor_Vulnerability(CVE-2025-59668)_en_Rev2.pdf"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Central Monitor CNS-6201",
          "vendor": "NIHON KOHDEN CORPORATION",
          "versions": [
            {
              "status": "affected",
              "version": "01-03"
            },
            {
              "status": "affected",
              "version": "01-04"
            },
            {
              "status": "affected",
              "version": "01-05"
            },
            {
              "status": "affected",
              "version": "01-06"
            },
            {
              "status": "affected",
              "version": "02-10"
            },
            {
              "status": "affected",
              "version": "02-11"
            },
            {
              "status": "affected",
              "version": "and 02-40"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple versions of Central Monitor CNS-6201 contain a NULL pointer dereference vulnerability. When processing a crafted certain UDP packet, the affected device may abnormally terminate."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL pointer dereference",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-30T04:06:11.279Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://www.nihonkohden.com/security.html"
        },
        {
          "url": "https://jvn.jp/en/vu/JVNVU96989989/"
        }
      ],
      "tags": [
        "unsupported-when-assigned"
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2025-59668",
    "datePublished": "2025-09-30T04:06:11.279Z",
    "dateReserved": "2025-09-18T07:00:43.823Z",
    "dateUpdated": "2025-10-31T14:12:10.064Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-59606 (GCVE-0-2025-59606)

Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:55
VLAI
Title
NULL Pointer Dereference in HLOS
Summary
Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-476 - NULL Pointer Dereference
Assigner
Impacted products
Vendor Product Version
Qualcomm, Inc. Snapdragon Affected: Cologne
Affected: FastConnect 6200
Affected: FastConnect 6700
Affected: FastConnect 6900
Affected: FastConnect 7800
Affected: G2 Gen 1
Affected: IQ6 Series Platform
Affected: IQ8 Series Platform
Affected: IQ9 Series Platform
Affected: LeMans_AU_LGIT
Affected: LeMansAU
Affected: Monaco_IOT
Affected: Netrani
Affected: Orne
Affected: Palawan25
Affected: Pandeiro
Affected: QAM8255P
Affected: QAM8295P
Affected: QAM8620P
Affected: QAMSRV1H
Affected: QAMSRV1M
Affected: QCA6574
Affected: QCA6574A
Affected: QCA6574AU
Affected: QCA6595
Affected: QCA6595AU
Affected: QCA6678AQ
Affected: QCA6688AQ
Affected: QCA6696
Affected: QCA6698AQ
Affected: QCA6797AQ
Affected: QCA8695AU
Affected: QCM5430
Affected: QCM6490
Affected: QLN1083BD
Affected: QLN1086BD
Affected: QMP1000
Affected: QPA1083BD
Affected: QPA1086BD
Affected: Qualcomm Video Collaboration VC3 Platform
Affected: QXM1093
Affected: QXM1094
Affected: QXM1095
Affected: QXM1096
Affected: SA6145P
Affected: SA6150P
Affected: SA6155P
Affected: SA7255P
Affected: SA7775P
Affected: SA8145P
Affected: SA8150P
Affected: SA8155P
Affected: SA8195P
Affected: SA8255P
Affected: SA8295P
Affected: SA8540P
Affected: SA8620P
Affected: SA8770P
Affected: SA9000P
Affected: SAR1250P
Affected: SAR2230P
Affected: SM7435
Affected: SM8750P
Affected: Snapdragon 4 Gen 2 Mobile Platform
Affected: Snapdragon 6 Gen 1 Mobile Platform
Affected: Snapdragon 6 Gen 3 Mobile Platform
Affected: Snapdragon 8 Elite
Affected: SRV1H
Affected: SRV1L
Affected: SRV1M
Affected: SXR2330P
Affected: SXR2350P
Affected: WCD9370
Affected: WCD9375
Affected: WCD9378
Affected: WCD9378C
Affected: WCD9380
Affected: WCD9385
Affected: WCD9395
Affected: WCN3950
Affected: WCN3988
Affected: WCN6755
Affected: WCN7860
Affected: WCN7861
Affected: WCN7880
Affected: WCN7881
Affected: WSA8810
Affected: WSA8815
Affected: WSA8830
Affected: WSA8832
Affected: WSA8835
Affected: WSA8840
Affected: WSA8845
Affected: WSA8845H
Affected: X2000077
Affected: X2000086
Affected: X2000090
Affected: X2000092
Affected: X2000094
Affected: XG101002
Affected: XG101032
Affected: XG101039
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59606",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-02T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-03T03:55:57.954Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon Compute",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT",
            "Snapdragon Mobile"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Cologne"
            },
            {
              "status": "affected",
              "version": "FastConnect 6200"
            },
            {
              "status": "affected",
              "version": "FastConnect 6700"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "G2 Gen 1"
            },
            {
              "status": "affected",
              "version": "IQ6 Series Platform"
            },
            {
              "status": "affected",
              "version": "IQ8 Series Platform"
            },
            {
              "status": "affected",
              "version": "IQ9 Series Platform"
            },
            {
              "status": "affected",
              "version": "LeMans_AU_LGIT"
            },
            {
              "status": "affected",
              "version": "LeMansAU"
            },
            {
              "status": "affected",
              "version": "Monaco_IOT"
            },
            {
              "status": "affected",
              "version": "Netrani"
            },
            {
              "status": "affected",
              "version": "Orne"
            },
            {
              "status": "affected",
              "version": "Palawan25"
            },
            {
              "status": "affected",
              "version": "Pandeiro"
            },
            {
              "status": "affected",
              "version": "QAM8255P"
            },
            {
              "status": "affected",
              "version": "QAM8295P"
            },
            {
              "status": "affected",
              "version": "QAM8620P"
            },
            {
              "status": "affected",
              "version": "QAMSRV1H"
            },
            {
              "status": "affected",
              "version": "QAMSRV1M"
            },
            {
              "status": "affected",
              "version": "QCA6574"
            },
            {
              "status": "affected",
              "version": "QCA6574A"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6595"
            },
            {
              "status": "affected",
              "version": "QCA6595AU"
            },
            {
              "status": "affected",
              "version": "QCA6678AQ"
            },
            {
              "status": "affected",
              "version": "QCA6688AQ"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCA6698AQ"
            },
            {
              "status": "affected",
              "version": "QCA6797AQ"
            },
            {
              "status": "affected",
              "version": "QCA8695AU"
            },
            {
              "status": "affected",
              "version": "QCM5430"
            },
            {
              "status": "affected",
              "version": "QCM6490"
            },
            {
              "status": "affected",
              "version": "QLN1083BD"
            },
            {
              "status": "affected",
              "version": "QLN1086BD"
            },
            {
              "status": "affected",
              "version": "QMP1000"
            },
            {
              "status": "affected",
              "version": "QPA1083BD"
            },
            {
              "status": "affected",
              "version": "QPA1086BD"
            },
            {
              "status": "affected",
              "version": "Qualcomm Video Collaboration VC3 Platform"
            },
            {
              "status": "affected",
              "version": "QXM1093"
            },
            {
              "status": "affected",
              "version": "QXM1094"
            },
            {
              "status": "affected",
              "version": "QXM1095"
            },
            {
              "status": "affected",
              "version": "QXM1096"
            },
            {
              "status": "affected",
              "version": "SA6145P"
            },
            {
              "status": "affected",
              "version": "SA6150P"
            },
            {
              "status": "affected",
              "version": "SA6155P"
            },
            {
              "status": "affected",
              "version": "SA7255P"
            },
            {
              "status": "affected",
              "version": "SA7775P"
            },
            {
              "status": "affected",
              "version": "SA8145P"
            },
            {
              "status": "affected",
              "version": "SA8150P"
            },
            {
              "status": "affected",
              "version": "SA8155P"
            },
            {
              "status": "affected",
              "version": "SA8195P"
            },
            {
              "status": "affected",
              "version": "SA8255P"
            },
            {
              "status": "affected",
              "version": "SA8295P"
            },
            {
              "status": "affected",
              "version": "SA8540P"
            },
            {
              "status": "affected",
              "version": "SA8620P"
            },
            {
              "status": "affected",
              "version": "SA8770P"
            },
            {
              "status": "affected",
              "version": "SA9000P"
            },
            {
              "status": "affected",
              "version": "SAR1250P"
            },
            {
              "status": "affected",
              "version": "SAR2230P"
            },
            {
              "status": "affected",
              "version": "SM7435"
            },
            {
              "status": "affected",
              "version": "SM8750P"
            },
            {
              "status": "affected",
              "version": "Snapdragon 4 Gen 2 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 6 Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 6 Gen 3 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Elite"
            },
            {
              "status": "affected",
              "version": "SRV1H"
            },
            {
              "status": "affected",
              "version": "SRV1L"
            },
            {
              "status": "affected",
              "version": "SRV1M"
            },
            {
              "status": "affected",
              "version": "SXR2330P"
            },
            {
              "status": "affected",
              "version": "SXR2350P"
            },
            {
              "status": "affected",
              "version": "WCD9370"
            },
            {
              "status": "affected",
              "version": "WCD9375"
            },
            {
              "status": "affected",
              "version": "WCD9378"
            },
            {
              "status": "affected",
              "version": "WCD9378C"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCD9395"
            },
            {
              "status": "affected",
              "version": "WCN3950"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WCN6755"
            },
            {
              "status": "affected",
              "version": "WCN7860"
            },
            {
              "status": "affected",
              "version": "WCN7861"
            },
            {
              "status": "affected",
              "version": "WCN7880"
            },
            {
              "status": "affected",
              "version": "WCN7881"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            },
            {
              "status": "affected",
              "version": "WSA8840"
            },
            {
              "status": "affected",
              "version": "WSA8845"
            },
            {
              "status": "affected",
              "version": "WSA8845H"
            },
            {
              "status": "affected",
              "version": "X2000077"
            },
            {
              "status": "affected",
              "version": "X2000086"
            },
            {
              "status": "affected",
              "version": "X2000090"
            },
            {
              "status": "affected",
              "version": "X2000092"
            },
            {
              "status": "affected",
              "version": "X2000094"
            },
            {
              "status": "affected",
              "version": "XG101002"
            },
            {
              "status": "affected",
              "version": "XG101032"
            },
            {
              "status": "affected",
              "version": "XG101039"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476 NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-01T22:05:26.836Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
        }
      ],
      "title": "NULL Pointer Dereference in HLOS"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2025-59606",
    "datePublished": "2026-06-01T22:05:26.836Z",
    "dateReserved": "2025-09-18T03:19:23.201Z",
    "dateUpdated": "2026-06-03T03:55:57.954Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-59604 (GCVE-0-2025-59604)

Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:56
VLAI
Title
NULL Pointer Dereference in SPS Applications
Summary
Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-476 - NULL Pointer Dereference
Assigner
Impacted products
Vendor Product Version
Qualcomm, Inc. Snapdragon Affected: AR8035
Affected: Cologne
Affected: CSRA6620
Affected: CSRA6640
Affected: FastConnect 6200
Affected: FastConnect 6700
Affected: FastConnect 6800
Affected: FastConnect 6900
Affected: FastConnect 7800
Affected: FWA Gen 3 Ultra Platform
Affected: G1 Gen 1
Affected: G2 Gen 1
Affected: IQ6 Series Platform
Affected: IQ8 Series Platform
Affected: IQ9 Series Platform
Affected: LeMans_AU_LGIT
Affected: LeMansAU
Affected: Milos
Affected: Monaco_IOT
Affected: Netrani
Affected: Orne
Affected: Palawan25
Affected: Pandeiro
Affected: QAM8255P
Affected: QAM8295P
Affected: QAM8620P
Affected: QAMSRV1H
Affected: QAMSRV1M
Affected: QCA0000
Affected: QCA6174A
Affected: QCA6391
Affected: QCA6574
Affected: QCA6574A
Affected: QCA6574AU
Affected: QCA6584AU
Affected: QCA6595
Affected: QCA6595AU
Affected: QCA6678AQ
Affected: QCA6688AQ
Affected: QCA6696
Affected: QCA6698AQ
Affected: QCA6698AU
Affected: QCA6797AQ
Affected: QCA8081
Affected: QCA8337
Affected: QCA8695AU
Affected: QCC710
Affected: QCM2290
Affected: QCM4325
Affected: QCM4490
Affected: QCM5430
Affected: QCM6125
Affected: QCM6490
Affected: QCN6024
Affected: QCN6224
Affected: QCN6274
Affected: QCN9011
Affected: QCN9012
Affected: QCN9024
Affected: QCS2290
Affected: QCS4290
Affected: QCS4490
Affected: QCS8550
Affected: QDX1010
Affected: QDX1011
Affected: QEP8111
Affected: QFW7114
Affected: QFW7124
Affected: QLN1083BD
Affected: QLN1086BD
Affected: QMP1000
Affected: QPA1083BD
Affected: QPA1086BD
Affected: QRU1032
Affected: Qualcomm Dragonwing QRU100 Platform
Affected: Qualcomm Dragonwing X100 Accelerator Card
Affected: Qualcomm Video Collaboration VC1 Platform
Affected: Qualcomm Video Collaboration VC3 Platform
Affected: QXM1093
Affected: QXM1094
Affected: QXM1095
Affected: QXM1096
Affected: Robotics RB2 Platform
Affected: SA4150P
Affected: SA4155P
Affected: SA6145P
Affected: SA6150P
Affected: SA6155P
Affected: SA7255P
Affected: SA7775P
Affected: SA8145P
Affected: SA8150P
Affected: SA8155P
Affected: SA8195P
Affected: SA8255P
Affected: SA8295P
Affected: SA8540P
Affected: SA8620P
Affected: SA8770P
Affected: SA9000P
Affected: SAR1250P
Affected: SAR2130P
Affected: SAR2230P
Affected: SC8380XP
Affected: SD 8 Gen1 5G
Affected: SD662
Affected: SD865 5G
Affected: SDX61
Affected: SM6225P
Affected: SM6650P
Affected: SM7250P
Affected: SM7325P
Affected: SM7435
Affected: SM7550
Affected: SM7550P
Affected: SM7635P
Affected: SM7675
Affected: SM7675P
Affected: SM8475P
Affected: SM8550P
Affected: SM8635
Affected: SM8635P
Affected: SM8650Q
Affected: SM8750P
Affected: Snapdragon 4 Gen 1 Mobile Platform
Affected: Snapdragon 4 Gen 2 Mobile Platform
Affected: Snapdragon 460 Mobile Platform
Affected: Snapdragon 480 5G Mobile Platform
Affected: Snapdragon 480+ 5G Mobile Platform
Affected: Snapdragon 6 Gen 1 Mobile Platform
Affected: Snapdragon 6 Gen 3 Mobile Platform
Affected: Snapdragon 6 Gen 4 Mobile Platform
Affected: Snapdragon 662 Mobile Platform
Affected: Snapdragon 680 4G Mobile Platform
Affected: Snapdragon 685 4G Mobile Platform
Affected: Snapdragon 690 5G Mobile Platform
Affected: Snapdragon 695 5G Mobile Platform
Affected: Snapdragon 7 Gen 1 Mobile Platform
Affected: Snapdragon 7+ Gen 2 Mobile Platform
Affected: Snapdragon 720G Mobile Platform
Affected: Snapdragon 765 5G Mobile Platform
Affected: Snapdragon 765G 5G Mobile Platform
Affected: Snapdragon 768G 5G Mobile Platform
Affected: Snapdragon 778G 5G Mobile Platform
Affected: Snapdragon 778G+ 5G Mobile Platform
Affected: Snapdragon 782G Mobile Platform
Affected: Snapdragon 7c+ Gen 3 Compute
Affected: Snapdragon 7s Gen 3 Mobile Platform
Affected: Snapdragon 8 Elite
Affected: Snapdragon 8 Gen 1 Mobile Platform
Affected: Snapdragon 8 Gen 2 Mobile Platform
Affected: Snapdragon 8 Gen 3 Mobile Platform
Affected: Snapdragon 8+ Gen 1 Mobile Platform
Affected: Snapdragon 8+ Gen 2 Mobile Platform
Affected: Snapdragon 865 5G Mobile Platform
Affected: Snapdragon 865+ 5G Mobile Platform
Affected: Snapdragon 870 5G Mobile Platform
Affected: Snapdragon 888 5G Mobile Platform
Affected: Snapdragon 888+ 5G Mobile Platform
Affected: Snapdragon 8cx Gen 3 Compute Platform
Affected: Snapdragon AR1 Gen 1 Platform
Affected: Snapdragon Auto 5G Modem-RF Gen 2
Affected: Snapdragon W5+ Gen 1 Wearable Platform
Affected: Snapdragon X32 5G Modem-RF System
Affected: Snapdragon X35 5G Modem-RF System
Affected: Snapdragon X53 5G Modem-RF System
Affected: Snapdragon X55 5G Modem-RF System
Affected: Snapdragon X65 5G Modem-RF System
Affected: Snapdragon X72 5G Modem-RF System
Affected: Snapdragon X75 5G Modem-RF System
Affected: Snapdragon XR2 5G Platform
Affected: Snapdragon XR2+ Gen 1 Platform
Affected: SRV1H
Affected: SRV1L
Affected: SRV1M
Affected: SW5100
Affected: SW5100P
Affected: SXR2230P
Affected: SXR2250P
Affected: SXR2330P
Affected: SXR2350P
Affected: WCD9335
Affected: WCD9340
Affected: WCD9370
Affected: WCD9371
Affected: WCD9375
Affected: WCD9378
Affected: WCD9378C
Affected: WCD9380
Affected: WCD9385
Affected: WCD9390
Affected: WCD9395
Affected: WCN3910
Affected: WCN3950
Affected: WCN3980
Affected: WCN3988
Affected: WCN6650
Affected: WCN6755
Affected: WCN7860
Affected: WCN7861
Affected: WCN7880
Affected: WCN7881
Affected: WSA8810
Affected: WSA8815
Affected: WSA8830
Affected: WSA8832
Affected: WSA8835
Affected: WSA8840
Affected: WSA8845
Affected: WSA8845H
Affected: X2000077
Affected: X2000086
Affected: X2000090
Affected: X2000092
Affected: X2000094
Affected: XG101002
Affected: XG101032
Affected: XG101039
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59604",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-02T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-03T03:56:00.464Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Snapdragon Auto",
            "Snapdragon CCW",
            "Snapdragon Compute",
            "Snapdragon Consumer IOT",
            "Snapdragon Industrial IOT",
            "Snapdragon Mobile",
            "Snapdragon WBC",
            "Snapdragon Wearables"
          ],
          "product": "Snapdragon",
          "vendor": "Qualcomm, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "AR8035"
            },
            {
              "status": "affected",
              "version": "Cologne"
            },
            {
              "status": "affected",
              "version": "CSRA6620"
            },
            {
              "status": "affected",
              "version": "CSRA6640"
            },
            {
              "status": "affected",
              "version": "FastConnect 6200"
            },
            {
              "status": "affected",
              "version": "FastConnect 6700"
            },
            {
              "status": "affected",
              "version": "FastConnect 6800"
            },
            {
              "status": "affected",
              "version": "FastConnect 6900"
            },
            {
              "status": "affected",
              "version": "FastConnect 7800"
            },
            {
              "status": "affected",
              "version": "FWA Gen 3 Ultra Platform"
            },
            {
              "status": "affected",
              "version": "G1 Gen 1"
            },
            {
              "status": "affected",
              "version": "G2 Gen 1"
            },
            {
              "status": "affected",
              "version": "IQ6 Series Platform"
            },
            {
              "status": "affected",
              "version": "IQ8 Series Platform"
            },
            {
              "status": "affected",
              "version": "IQ9 Series Platform"
            },
            {
              "status": "affected",
              "version": "LeMans_AU_LGIT"
            },
            {
              "status": "affected",
              "version": "LeMansAU"
            },
            {
              "status": "affected",
              "version": "Milos"
            },
            {
              "status": "affected",
              "version": "Monaco_IOT"
            },
            {
              "status": "affected",
              "version": "Netrani"
            },
            {
              "status": "affected",
              "version": "Orne"
            },
            {
              "status": "affected",
              "version": "Palawan25"
            },
            {
              "status": "affected",
              "version": "Pandeiro"
            },
            {
              "status": "affected",
              "version": "QAM8255P"
            },
            {
              "status": "affected",
              "version": "QAM8295P"
            },
            {
              "status": "affected",
              "version": "QAM8620P"
            },
            {
              "status": "affected",
              "version": "QAMSRV1H"
            },
            {
              "status": "affected",
              "version": "QAMSRV1M"
            },
            {
              "status": "affected",
              "version": "QCA0000"
            },
            {
              "status": "affected",
              "version": "QCA6174A"
            },
            {
              "status": "affected",
              "version": "QCA6391"
            },
            {
              "status": "affected",
              "version": "QCA6574"
            },
            {
              "status": "affected",
              "version": "QCA6574A"
            },
            {
              "status": "affected",
              "version": "QCA6574AU"
            },
            {
              "status": "affected",
              "version": "QCA6584AU"
            },
            {
              "status": "affected",
              "version": "QCA6595"
            },
            {
              "status": "affected",
              "version": "QCA6595AU"
            },
            {
              "status": "affected",
              "version": "QCA6678AQ"
            },
            {
              "status": "affected",
              "version": "QCA6688AQ"
            },
            {
              "status": "affected",
              "version": "QCA6696"
            },
            {
              "status": "affected",
              "version": "QCA6698AQ"
            },
            {
              "status": "affected",
              "version": "QCA6698AU"
            },
            {
              "status": "affected",
              "version": "QCA6797AQ"
            },
            {
              "status": "affected",
              "version": "QCA8081"
            },
            {
              "status": "affected",
              "version": "QCA8337"
            },
            {
              "status": "affected",
              "version": "QCA8695AU"
            },
            {
              "status": "affected",
              "version": "QCC710"
            },
            {
              "status": "affected",
              "version": "QCM2290"
            },
            {
              "status": "affected",
              "version": "QCM4325"
            },
            {
              "status": "affected",
              "version": "QCM4490"
            },
            {
              "status": "affected",
              "version": "QCM5430"
            },
            {
              "status": "affected",
              "version": "QCM6125"
            },
            {
              "status": "affected",
              "version": "QCM6490"
            },
            {
              "status": "affected",
              "version": "QCN6024"
            },
            {
              "status": "affected",
              "version": "QCN6224"
            },
            {
              "status": "affected",
              "version": "QCN6274"
            },
            {
              "status": "affected",
              "version": "QCN9011"
            },
            {
              "status": "affected",
              "version": "QCN9012"
            },
            {
              "status": "affected",
              "version": "QCN9024"
            },
            {
              "status": "affected",
              "version": "QCS2290"
            },
            {
              "status": "affected",
              "version": "QCS4290"
            },
            {
              "status": "affected",
              "version": "QCS4490"
            },
            {
              "status": "affected",
              "version": "QCS8550"
            },
            {
              "status": "affected",
              "version": "QDX1010"
            },
            {
              "status": "affected",
              "version": "QDX1011"
            },
            {
              "status": "affected",
              "version": "QEP8111"
            },
            {
              "status": "affected",
              "version": "QFW7114"
            },
            {
              "status": "affected",
              "version": "QFW7124"
            },
            {
              "status": "affected",
              "version": "QLN1083BD"
            },
            {
              "status": "affected",
              "version": "QLN1086BD"
            },
            {
              "status": "affected",
              "version": "QMP1000"
            },
            {
              "status": "affected",
              "version": "QPA1083BD"
            },
            {
              "status": "affected",
              "version": "QPA1086BD"
            },
            {
              "status": "affected",
              "version": "QRU1032"
            },
            {
              "status": "affected",
              "version": "Qualcomm Dragonwing QRU100 Platform"
            },
            {
              "status": "affected",
              "version": "Qualcomm Dragonwing X100 Accelerator Card"
            },
            {
              "status": "affected",
              "version": "Qualcomm Video Collaboration VC1 Platform"
            },
            {
              "status": "affected",
              "version": "Qualcomm Video Collaboration VC3 Platform"
            },
            {
              "status": "affected",
              "version": "QXM1093"
            },
            {
              "status": "affected",
              "version": "QXM1094"
            },
            {
              "status": "affected",
              "version": "QXM1095"
            },
            {
              "status": "affected",
              "version": "QXM1096"
            },
            {
              "status": "affected",
              "version": "Robotics RB2 Platform"
            },
            {
              "status": "affected",
              "version": "SA4150P"
            },
            {
              "status": "affected",
              "version": "SA4155P"
            },
            {
              "status": "affected",
              "version": "SA6145P"
            },
            {
              "status": "affected",
              "version": "SA6150P"
            },
            {
              "status": "affected",
              "version": "SA6155P"
            },
            {
              "status": "affected",
              "version": "SA7255P"
            },
            {
              "status": "affected",
              "version": "SA7775P"
            },
            {
              "status": "affected",
              "version": "SA8145P"
            },
            {
              "status": "affected",
              "version": "SA8150P"
            },
            {
              "status": "affected",
              "version": "SA8155P"
            },
            {
              "status": "affected",
              "version": "SA8195P"
            },
            {
              "status": "affected",
              "version": "SA8255P"
            },
            {
              "status": "affected",
              "version": "SA8295P"
            },
            {
              "status": "affected",
              "version": "SA8540P"
            },
            {
              "status": "affected",
              "version": "SA8620P"
            },
            {
              "status": "affected",
              "version": "SA8770P"
            },
            {
              "status": "affected",
              "version": "SA9000P"
            },
            {
              "status": "affected",
              "version": "SAR1250P"
            },
            {
              "status": "affected",
              "version": "SAR2130P"
            },
            {
              "status": "affected",
              "version": "SAR2230P"
            },
            {
              "status": "affected",
              "version": "SC8380XP"
            },
            {
              "status": "affected",
              "version": "SD 8 Gen1 5G"
            },
            {
              "status": "affected",
              "version": "SD662"
            },
            {
              "status": "affected",
              "version": "SD865 5G"
            },
            {
              "status": "affected",
              "version": "SDX61"
            },
            {
              "status": "affected",
              "version": "SM6225P"
            },
            {
              "status": "affected",
              "version": "SM6650P"
            },
            {
              "status": "affected",
              "version": "SM7250P"
            },
            {
              "status": "affected",
              "version": "SM7325P"
            },
            {
              "status": "affected",
              "version": "SM7435"
            },
            {
              "status": "affected",
              "version": "SM7550"
            },
            {
              "status": "affected",
              "version": "SM7550P"
            },
            {
              "status": "affected",
              "version": "SM7635P"
            },
            {
              "status": "affected",
              "version": "SM7675"
            },
            {
              "status": "affected",
              "version": "SM7675P"
            },
            {
              "status": "affected",
              "version": "SM8475P"
            },
            {
              "status": "affected",
              "version": "SM8550P"
            },
            {
              "status": "affected",
              "version": "SM8635"
            },
            {
              "status": "affected",
              "version": "SM8635P"
            },
            {
              "status": "affected",
              "version": "SM8650Q"
            },
            {
              "status": "affected",
              "version": "SM8750P"
            },
            {
              "status": "affected",
              "version": "Snapdragon 4 Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 4 Gen 2 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 460 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 480 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 480+ 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 6 Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 6 Gen 3 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 6 Gen 4 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 662 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 680 4G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 685 4G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 690 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 695 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 7 Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 7+ Gen 2 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 720G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 765 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 765G 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 768G 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 778G 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 778G+ 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 782G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 7c+ Gen 3 Compute"
            },
            {
              "status": "affected",
              "version": "Snapdragon 7s Gen 3 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Elite"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 2 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8 Gen 3 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8+ Gen 1 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8+ Gen 2 Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 865+ 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 870 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 888 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 888+ 5G Mobile Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon 8cx Gen 3 Compute Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon AR1 Gen 1 Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon Auto 5G Modem-RF Gen 2"
            },
            {
              "status": "affected",
              "version": "Snapdragon W5+ Gen 1 Wearable Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon X32 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X35 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X53 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X55 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X65 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X72 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon X75 5G Modem-RF System"
            },
            {
              "status": "affected",
              "version": "Snapdragon XR2 5G Platform"
            },
            {
              "status": "affected",
              "version": "Snapdragon XR2+ Gen 1 Platform"
            },
            {
              "status": "affected",
              "version": "SRV1H"
            },
            {
              "status": "affected",
              "version": "SRV1L"
            },
            {
              "status": "affected",
              "version": "SRV1M"
            },
            {
              "status": "affected",
              "version": "SW5100"
            },
            {
              "status": "affected",
              "version": "SW5100P"
            },
            {
              "status": "affected",
              "version": "SXR2230P"
            },
            {
              "status": "affected",
              "version": "SXR2250P"
            },
            {
              "status": "affected",
              "version": "SXR2330P"
            },
            {
              "status": "affected",
              "version": "SXR2350P"
            },
            {
              "status": "affected",
              "version": "WCD9335"
            },
            {
              "status": "affected",
              "version": "WCD9340"
            },
            {
              "status": "affected",
              "version": "WCD9370"
            },
            {
              "status": "affected",
              "version": "WCD9371"
            },
            {
              "status": "affected",
              "version": "WCD9375"
            },
            {
              "status": "affected",
              "version": "WCD9378"
            },
            {
              "status": "affected",
              "version": "WCD9378C"
            },
            {
              "status": "affected",
              "version": "WCD9380"
            },
            {
              "status": "affected",
              "version": "WCD9385"
            },
            {
              "status": "affected",
              "version": "WCD9390"
            },
            {
              "status": "affected",
              "version": "WCD9395"
            },
            {
              "status": "affected",
              "version": "WCN3910"
            },
            {
              "status": "affected",
              "version": "WCN3950"
            },
            {
              "status": "affected",
              "version": "WCN3980"
            },
            {
              "status": "affected",
              "version": "WCN3988"
            },
            {
              "status": "affected",
              "version": "WCN6650"
            },
            {
              "status": "affected",
              "version": "WCN6755"
            },
            {
              "status": "affected",
              "version": "WCN7860"
            },
            {
              "status": "affected",
              "version": "WCN7861"
            },
            {
              "status": "affected",
              "version": "WCN7880"
            },
            {
              "status": "affected",
              "version": "WCN7881"
            },
            {
              "status": "affected",
              "version": "WSA8810"
            },
            {
              "status": "affected",
              "version": "WSA8815"
            },
            {
              "status": "affected",
              "version": "WSA8830"
            },
            {
              "status": "affected",
              "version": "WSA8832"
            },
            {
              "status": "affected",
              "version": "WSA8835"
            },
            {
              "status": "affected",
              "version": "WSA8840"
            },
            {
              "status": "affected",
              "version": "WSA8845"
            },
            {
              "status": "affected",
              "version": "WSA8845H"
            },
            {
              "status": "affected",
              "version": "X2000077"
            },
            {
              "status": "affected",
              "version": "X2000086"
            },
            {
              "status": "affected",
              "version": "X2000090"
            },
            {
              "status": "affected",
              "version": "X2000092"
            },
            {
              "status": "affected",
              "version": "X2000094"
            },
            {
              "status": "affected",
              "version": "XG101002"
            },
            {
              "status": "affected",
              "version": "XG101032"
            },
            {
              "status": "affected",
              "version": "XG101039"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476 NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-01T22:05:24.558Z",
        "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "shortName": "qualcomm"
      },
      "references": [
        {
          "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
        }
      ],
      "title": "NULL Pointer Dereference in SPS Applications"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
    "assignerShortName": "qualcomm",
    "cveId": "CVE-2025-59604",
    "datePublished": "2026-06-01T22:05:24.558Z",
    "dateReserved": "2025-09-18T03:19:23.201Z",
    "dateUpdated": "2026-06-03T03:56:00.464Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-59537 (GCVE-0-2025-59537)

Vulnerability from cvelistv5 – Published: 2025-10-01 21:01 – Updated: 2025-10-02 15:54
VLAI
Title
argo-cd is vulnerable to unauthenticated DoS attack via malformed Gogs webhook payload
Summary
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD’s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-20 - Improper Input Validation
  • CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
Vendor Product Version
argoproj argo-cd Affected: >= 1.2.0, <= 1.8.7
Affected: >= 2.0.0-rc1, < 2.14.20
Affected: >= 3.2.0-rc1, < 3.2.0-rc2
Affected: >= 3.1.0-rc1, < 3.1.8
Affected: >= 3.0.0-rc1, < 3.0.19
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59537",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-02T15:35:13.081671Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-02T15:54:17.919Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "argo-cd",
          "vendor": "argoproj",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.2.0, \u003c= 1.8.7"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.0.0-rc1, \u003c 2.14.20"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.2.0-rc1, \u003c 3.2.0-rc2"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.1.0-rc1, \u003c 3.1.8"
            },
            {
              "status": "affected",
              "version": "\u003e= 3.0.0-rc1, \u003c 3.0.19"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate clients. With the default configuration, no webhook.gogs.secret set, Argo CD\u2019s /api/webhook endpoint will crash the entire argocd-server process when it receives a Gogs push event whose JSON field commits[].repo is not set or is null. This issue is fixed in versions 2.14.20, 3.2.0-rc2, 3.1.8 and 3.0.19."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-01T21:01:36.519Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-wp4p-9pxh-cgx2"
        },
        {
          "name": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/argoproj/argo-cd/commit/761fc27068d2d4cd24e1f784eb2a9033b5ee7f43"
        }
      ],
      "source": {
        "advisory": "GHSA-wp4p-9pxh-cgx2",
        "discovery": "UNKNOWN"
      },
      "title": "argo-cd is vulnerable to unauthenticated DoS attack via malformed Gogs webhook payload"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-59537",
    "datePublished": "2025-10-01T21:01:36.519Z",
    "dateReserved": "2025-09-17T17:04:20.373Z",
    "dateUpdated": "2025-10-02T15:54:17.919Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-59386 (GCVE-0-2025-59386)

Vulnerability from cvelistv5 – Published: 2026-02-11 12:16 – Updated: 2026-02-27 14:27
VLAI
Title
QuTS hero
Summary
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: QuTS hero h5.3.2.3354 build 20251225 and later
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
QNAP Systems Inc. QuTS hero Affected: h5.3.x , < h5.3.2.3354 build 20251225 (custom)
Create a notification for this product.
Credits
coral
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59386",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-11T15:49:04.721422Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-27T14:27:34.202Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "QuTS hero",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "h5.3.2.3354 build 20251225",
              "status": "affected",
              "version": "h5.3.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "coral"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQuTS hero h5.3.2.3354 build 20251225 and later\u003cbr\u003e"
            }
          ],
          "value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following version:\nQuTS hero h5.3.2.3354 build 20251225 and later"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-129",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-129"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 1.2,
            "baseSeverity": "LOW",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-11T12:16:19.698Z",
        "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "shortName": "qnap"
      },
      "references": [
        {
          "url": "https://www.qnap.com/en/security-advisory/qsa-26-08"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQuTS hero h5.3.2.3354 build 20251225 and later\u003cbr\u003e"
            }
          ],
          "value": "We have already fixed the vulnerability in the following version:\nQuTS hero h5.3.2.3354 build 20251225 and later"
        }
      ],
      "source": {
        "advisory": "QSA-26-08",
        "discovery": "EXTERNAL"
      },
      "title": "QuTS hero",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
    "assignerShortName": "qnap",
    "cveId": "CVE-2025-59386",
    "datePublished": "2026-02-11T12:16:19.698Z",
    "dateReserved": "2025-09-15T08:35:00.660Z",
    "dateUpdated": "2026-02-27T14:27:34.202Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-59351 (GCVE-0-2025-59351)

Vulnerability from cvelistv5 – Published: 2025-09-17 19:46 – Updated: 2025-09-18 17:42
VLAI
Title
Dragonfly possibly panics due to nil pointer dereference when using variables created alongside an error
Summary
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the first return value of a function is dereferenced even when the function returns an error. This can result in a nil dereference, and cause code to panic. This vulnerability is fixed in 2.1.0.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-476 - NULL Pointer Dereference
Assigner
References
Impacted products
Vendor Product Version
dragonflyoss dragonfly Affected: < 2.1.0
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59351",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-18T17:42:28.918788Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-18T17:42:35.283Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "dragonfly",
          "vendor": "dragonflyoss",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.1.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the first return value of a function is dereferenced even when the function returns an error. This can result in a nil dereference, and cause code to panic. This vulnerability is fixed in 2.1.0."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 2.7,
            "baseSeverity": "LOW",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-17T19:46:41.322Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/dragonflyoss/dragonfly/security/advisories/GHSA-4mhv-8rh3-4ghw",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/dragonflyoss/dragonfly/security/advisories/GHSA-4mhv-8rh3-4ghw"
        },
        {
          "name": "https://github.com/dragonflyoss/dragonfly/blob/main/docs/security/dragonfly-comprehensive-report-2023.pdf",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/dragonflyoss/dragonfly/blob/main/docs/security/dragonfly-comprehensive-report-2023.pdf"
        }
      ],
      "source": {
        "advisory": "GHSA-4mhv-8rh3-4ghw",
        "discovery": "UNKNOWN"
      },
      "title": "Dragonfly possibly panics due to nil pointer dereference when using variables created alongside an error"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-59351",
    "datePublished": "2025-09-17T19:46:41.322Z",
    "dateReserved": "2025-09-12T12:36:24.637Z",
    "dateUpdated": "2025-09-18T17:42:35.283Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation MIT-56
Implementation

For any pointers that could have been modified or provided from a function that can return NULL, check the pointer for NULL before use. When working with a multithreaded or otherwise asynchronous environment, ensure that proper locking APIs are used to lock before the check, and unlock when it has finished [REF-1484].

Mitigation
Requirements

Select a programming language that is not susceptible to these issues.

Mitigation
Implementation

Check the results of all functions that return a value and verify that the value is non-null before acting upon it.

Mitigation
Architecture and Design

Identify all variables and data stores that receive information from external sources, and apply input validation to make sure that they are only initialized to expected values.

Mitigation
Implementation

Explicitly initialize all variables and other data stores, either during declaration or just before the first usage.

No CAPEC attack patterns related to this CWE.