Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-24074 (GCVE-0-2025-24074)
Vulnerability from cvelistv5
Published
2025-04-08 17:23
Modified
2025-06-04 17:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
References
| ► | URL | Tags | |
|---|---|---|---|
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Microsoft | Windows 10 Version 1809 |
Version: 10.0.17763.0 < 10.0.17763.7136 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24074",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T20:13:31.859677Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T20:22:33.150Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 1809",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.7136",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.7136",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2019 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.17763.7136",
"status": "affected",
"version": "10.0.17763.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.20348.3453",
"status": "affected",
"version": "10.0.20348.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 10 Version 21H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19044.5737",
"status": "affected",
"version": "10.0.19044.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22621.5189",
"status": "affected",
"version": "10.0.22621.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"ARM64-based Systems",
"32-bit Systems"
],
"product": "Windows 10 Version 22H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.19045.5737",
"status": "affected",
"version": "10.0.19045.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2025 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.3775",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems"
],
"product": "Windows 11 version 22H3",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22631.5189",
"status": "affected",
"version": "10.0.22631.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows 11 Version 23H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.22631.5189",
"status": "affected",
"version": "10.0.22631.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2022, 23H2 Edition (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.25398.1551",
"status": "affected",
"version": "10.0.25398.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 Version 24H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.3775",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2025",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.3775",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.7136",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.7136",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.7136",
"versionStartIncluding": "10.0.17763.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.3453",
"versionStartIncluding": "10.0.20348.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.5737",
"versionStartIncluding": "10.0.19044.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.5189",
"versionStartIncluding": "10.0.22621.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.5737",
"versionStartIncluding": "10.0.19045.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3775",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22631.5189",
"versionStartIncluding": "10.0.22631.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22631.5189",
"versionStartIncluding": "10.0.22631.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.25398.1551",
"versionStartIncluding": "10.0.25398.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.26100.3775",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.3775",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2025-04-08T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T17:52:48.631Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft DWM Core Library Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24074"
}
],
"title": "Microsoft DWM Core Library Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2025-24074",
"datePublished": "2025-04-08T17:23:34.689Z",
"dateReserved": "2025-01-16T23:11:19.735Z",
"dateUpdated": "2025-06-04T17:52:48.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-24074\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2025-04-08T18:15:46.740\",\"lastModified\":\"2025-07-03T13:03:00.923\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.\"},{\"lang\":\"es\",\"value\":\"La validaci\u00f3n de entrada incorrecta en la librer\u00eda principal DWM de Windows permite que un atacante autorizado eleve privilegios localmente.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.17763.7136\",\"matchCriteriaId\":\"13A4A79D-8D45-48FA-84F5-CE1A78E8E424\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\",\"versionEndExcluding\":\"10.0.17763.7136\",\"matchCriteriaId\":\"03AB53EC-354E-4F30-A278-2835CA341503\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19044.5737\",\"matchCriteriaId\":\"2ACCA6F4-C140-4B2E-93FF-1B9DC093E831\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.19045.5737\",\"matchCriteriaId\":\"09E0970D-79B9-40D9-BFFF-25EE5A686B04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*\",\"versionEndExcluding\":\"10.0.22621.5189\",\"matchCriteriaId\":\"350A5C83-A85B-4CC1-81C6-F36C1BE0687E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.22621.5189\",\"matchCriteriaId\":\"AAB1352F-725F-427E-A3F3-73A48287D0C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*\",\"versionEndExcluding\":\"10.0.22631.5189\",\"matchCriteriaId\":\"0A9C8BFA-DC5B-4E27-AEA1-0CF52B4FDF88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.22631.5189\",\"matchCriteriaId\":\"1718BEDA-0AF8-4A6D-B053-AE746C7617C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*\",\"versionEndExcluding\":\"10.0.26100.3775\",\"matchCriteriaId\":\"39A448D0-EB9F-42FE-85A2-A4AA88D4CEBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.26100.3775\",\"matchCriteriaId\":\"8B1600DE-F4B9-456C-A42F-5E5CDB2D6DEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.17763.7136\",\"matchCriteriaId\":\"D2941A94-927C-4393-B2A0-4630F03B8B3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.20348.3453\",\"matchCriteriaId\":\"52706BEC-E3D6-4188-BB88-7078FE4AF970\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.25398.1551\",\"matchCriteriaId\":\"0B42570D-5CFB-4620-8B06-B5752212709A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*\",\"versionEndExcluding\":\"10.0.26100.3775\",\"matchCriteriaId\":\"AA03AE1F-F78C-4864-A1B6-15846AAD4899\"}]}]}],\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24074\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-24074\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-08T20:13:31.859677Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-08T20:05:13.148Z\"}}], \"cna\": {\"title\": \"Microsoft DWM Core Library Elevation of Privilege Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 1809\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.7136\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2019\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.7136\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2019 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.17763.0\", \"lessThan\": \"10.0.17763.7136\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2022\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.20348.0\", \"lessThan\": \"10.0.20348.3453\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 21H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.19044.0\", \"lessThan\": \"10.0.19044.5737\", \"versionType\": \"custom\"}], \"platforms\": [\"32-bit Systems\", \"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 version 22H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22621.0\", \"lessThan\": \"10.0.22621.5189\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 10 Version 22H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.19045.0\", \"lessThan\": \"10.0.19045.5737\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\", \"ARM64-based Systems\", \"32-bit Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2025 (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.3775\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 version 22H3\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22631.0\", \"lessThan\": \"10.0.22631.5189\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 Version 23H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.22631.0\", \"lessThan\": \"10.0.22631.5189\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2022, 23H2 Edition (Server Core installation)\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.25398.0\", \"lessThan\": \"10.0.25398.1551\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows 11 Version 24H2\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.3775\", \"versionType\": \"custom\"}], \"platforms\": [\"ARM64-based Systems\", \"x64-based Systems\"]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server 2025\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0.26100.0\", \"lessThan\": \"10.0.26100.3775\", \"versionType\": \"custom\"}], \"platforms\": [\"x64-based Systems\"]}], \"datePublic\": \"2025-04-08T07:00:00.000Z\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24074\", \"name\": \"Microsoft DWM Core Library Elevation of Privilege Vulnerability\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20: Improper Input Validation\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.7136\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.7136\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.17763.7136\", \"versionStartIncluding\": \"10.0.17763.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.20348.3453\", \"versionStartIncluding\": \"10.0.20348.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.19044.5737\", \"versionStartIncluding\": \"10.0.19044.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_22H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22621.5189\", \"versionStartIncluding\": \"10.0.22621.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.19045.5737\", \"versionStartIncluding\": \"10.0.19045.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26100.3775\", \"versionStartIncluding\": \"10.0.26100.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22631.5189\", \"versionStartIncluding\": \"10.0.22631.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.22631.5189\", \"versionStartIncluding\": \"10.0.22631.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.25398.1551\", \"versionStartIncluding\": \"10.0.25398.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26100.3775\", \"versionStartIncluding\": \"10.0.26100.0\"}, {\"criteria\": \"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.0.26100.3775\", \"versionStartIncluding\": \"10.0.26100.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2025-06-04T17:52:48.631Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-24074\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-04T17:52:48.631Z\", \"dateReserved\": \"2025-01-16T23:11:19.735Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2025-04-08T17:23:34.689Z\", \"assignerShortName\": \"microsoft\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
ncsc-2025-0112
Vulnerability from csaf_ncscnl
Published
2025-04-08 18:57
Modified
2025-04-08 18:57
Summary
Kwetsbaarheden verholpen in Microsoft Windows
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Microsoft heeft kwetsbaarheden verholpen in Windows.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Omzeilen van beveiligingsmaatregel
- Uitvoer van willekeurige code (root/adminrechten)
- Uitvoer van willekeurige code (Gebruikersrechten)
- Verkrijgen van verhoogde rechten
- Toegang tot gevoelige gegevens
- Voordoen als andere gebruiker
Van de kwetsbaarheid met kenmerk CVE-2025-29824 geeft Microsoft aan dat deze eerder actief is misbruikt als zero-day. Er is geen publieke Proof-of-Concept (PoC) of exploitcode bekend. Een kwaadwillende die met succes deze kwetsbaarheid misbruikt, zou SYSTEM-rechten kunnen verkrijgen.
```
Windows Subsystem for Linux:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26675 | 7,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows upnphost.dll:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26665 | 7,00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Mark of the Web (MOTW):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27472 | 5,40 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Windows Remote Desktop Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26671 | 8,10 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Update Stack:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21204 | 7,80 | Verkrijgen van verhoogde rechten |
| CVE-2025-27475 | 7,00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Mobile Broadband:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-29811 | 7,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Standards-Based Storage Management Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27470 | 7,50 | Denial-of-Service |
| CVE-2025-27486 | 7,50 | Denial-of-Service |
| CVE-2025-26652 | 7,50 | Denial-of-Service |
| CVE-2025-26680 | 7,50 | Denial-of-Service |
| CVE-2025-27485 | 7,50 | Denial-of-Service |
| CVE-2025-21174 | 7,50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Digital Media:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26640 | 7,00 | Verkrijgen van verhoogde rechten |
| CVE-2025-27467 | 7,80 | Verkrijgen van verhoogde rechten |
| CVE-2025-27476 | 7,80 | Verkrijgen van verhoogde rechten |
| CVE-2025-27730 | 7,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Kernel:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26648 | 7,80 | Verkrijgen van verhoogde rechten |
| CVE-2025-27739 | 7,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Remote Desktop Client:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27487 | 8,00 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Virtualization-Based Security (VBS) Enclave:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27735 | 6,00 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Windows Kernel-Mode Drivers:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27728 | 7,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Resilient File System (ReFS):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27738 | 6,50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Active Directory Certificate Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27740 | 8,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Power Dependency Coordinator:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27736 | 5,50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Installer:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27727 | 7,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Bluetooth Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27490 | 7,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Hello:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26635 | 6,50 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-26644 | 6,20 | Voordoen als andere gebruiker |
|----------------|------|-------------------------------------|
Windows Local Security Authority (LSA):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21191 | 7,00 | Verkrijgen van verhoogde rechten |
| CVE-2025-27478 | 7,00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
RPC Endpoint Mapper Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26679 | 7,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Kerberos:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-29809 | 7,10 | Omzeilen van beveiligingsmaatregel |
| CVE-2025-26647 | 8,10 | Voordoen als andere gebruiker |
| CVE-2025-27479 | 7,50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Cryptographic Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26641 | 7,50 | Denial-of-Service |
| CVE-2025-29808 | 5,50 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows NTFS:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27483 | 7,80 | Verkrijgen van verhoogde rechten |
| CVE-2025-27742 | 5,50 | Toegang tot gevoelige gegevens |
| CVE-2025-21197 | 6,50 | Toegang tot gevoelige gegevens |
| CVE-2025-27733 | 7,80 | Verkrijgen van verhoogde rechten |
| CVE-2025-27741 | 7,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Routing and Remote Access Service (RRAS):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26667 | 6,50 | Toegang tot gevoelige gegevens |
| CVE-2025-26672 | 6,50 | Toegang tot gevoelige gegevens |
| CVE-2025-26676 | 6,50 | Toegang tot gevoelige gegevens |
| CVE-2025-27474 | 6,50 | Toegang tot gevoelige gegevens |
| CVE-2025-21203 | 6,50 | Toegang tot gevoelige gegevens |
| CVE-2025-26664 | 6,50 | Toegang tot gevoelige gegevens |
| CVE-2025-26668 | 7,50 | Uitvoeren van willekeurige code |
| CVE-2025-26669 | 8,80 | Toegang tot gevoelige gegevens |
|----------------|------|-------------------------------------|
Windows Hyper-V:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27491 | 7,10 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Microsoft Streaming Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27471 | 5,90 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Kernel Memory:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-29812 | 7,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Microsoft Virtual Hard Drive:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26688 | 7,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Security Zone Mapping:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27737 | 8,60 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
OpenSSH for Windows:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27731 | 7,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Secure Channel:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27492 | 7,00 | Verkrijgen van verhoogde rechten |
| CVE-2025-26649 | 7,00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Remote Desktop Gateway Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27480 | 8,10 | Uitvoeren van willekeurige code |
| CVE-2025-27482 | 8,10 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Win32K - GRFX:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26681 | 6,70 | Verkrijgen van verhoogde rechten |
| CVE-2025-26687 | 7,50 | Verkrijgen van verhoogde rechten |
| CVE-2025-27732 | 7,00 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Media:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26666 | 7,80 | Uitvoeren van willekeurige code |
| CVE-2025-26674 | 7,80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows Common Log File System Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-29824 | 7,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows HTTP.sys:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27473 | 7,50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Local Session Manager (LSM):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26651 | 6,50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows USB Print Driver:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26639 | 7,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows TCP/IP:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26686 | 7,50 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows LDAP - Lightweight Directory Access Protocol:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26670 | 8,10 | Uitvoeren van willekeurige code |
| CVE-2025-27469 | 7,50 | Denial-of-Service |
| CVE-2025-26663 | 8,10 | Uitvoeren van willekeurige code |
| CVE-2025-26673 | 7,50 | Denial-of-Service |
|----------------|------|-------------------------------------|
Windows Universal Plug and Play (UPnP) Device Host:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27484 | 7,50 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Telephony Service:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-21205 | 8,80 | Uitvoeren van willekeurige code |
| CVE-2025-21221 | 8,80 | Uitvoeren van willekeurige code |
| CVE-2025-21222 | 8,80 | Uitvoeren van willekeurige code |
| CVE-2025-27477 | 8,80 | Uitvoeren van willekeurige code |
| CVE-2025-27481 | 8,80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Windows DWM Core Library:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-24073 | 7,80 | Verkrijgen van verhoogde rechten |
| CVE-2025-24062 | 7,80 | Verkrijgen van verhoogde rechten |
| CVE-2025-24058 | 7,80 | Verkrijgen van verhoogde rechten |
| CVE-2025-24074 | 7,80 | Verkrijgen van verhoogde rechten |
| CVE-2025-24060 | 7,80 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows BitLocker:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26637 | 6,80 | Omzeilen van beveiligingsmaatregel, Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
Windows Defender Application Control (WDAC):
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-26678 | 8,40 | Omzeilen van beveiligingsmaatregel |
|----------------|------|-------------------------------------|
Windows Shell:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-27729 | 7,80 | Uitvoeren van willekeurige code |
|----------------|------|-------------------------------------|
Active Directory Domain Services:
|----------------|------|-------------------------------------|
| CVE-ID | CVSS | Impact |
|----------------|------|-------------------------------------|
| CVE-2025-29810 | 7,50 | Verkrijgen van verhoogde rechten |
|----------------|------|-------------------------------------|
```
Oplossingen
Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:
https://portal.msrc.microsoft.com/en-us/security-guidance
Dreigingsinformatie
Kans
medium
Schade
high
CWE-591
Sensitive Data Storage in Improperly Locked Memory
CWE-1240
Use of a Cryptographic Primitive with a Risky Implementation
CWE-749
Exposed Dangerous Method or Function
CWE-1390
Weak Authentication
CWE-1039
Inadequate Detection or Handling of Adversarial Input Perturbations in Automated Recognition Mechanism
CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE-922
Insecure Storage of Sensitive Information
CWE-822
Untrusted Pointer Dereference
CWE-126
Buffer Over-read
CWE-410
Insufficient Resource Pool
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-415
Double Free
CWE-908
Use of Uninitialized Resource
CWE-345
Insufficient Verification of Data Authenticity
CWE-190
Integer Overflow or Wraparound
CWE-693
Protection Mechanism Failure
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-125
Out-of-bounds Read
CWE-284
Improper Access Control
CWE-416
Use After Free
CWE-400
Uncontrolled Resource Consumption
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-20
Improper Input Validation
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Microsoft heeft kwetsbaarheden verholpen in Windows.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Omzeilen van beveiligingsmaatregel\n- Uitvoer van willekeurige code (root/adminrechten)\n- Uitvoer van willekeurige code (Gebruikersrechten)\n- Verkrijgen van verhoogde rechten\n- Toegang tot gevoelige gegevens\n- Voordoen als andere gebruiker\n\nVan de kwetsbaarheid met kenmerk CVE-2025-29824 geeft Microsoft aan dat deze eerder actief is misbruikt als zero-day. Er is geen publieke Proof-of-Concept (PoC) of exploitcode bekend. Een kwaadwillende die met succes deze kwetsbaarheid misbruikt, zou SYSTEM-rechten kunnen verkrijgen.\n\n```\nWindows Subsystem for Linux: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26675 | 7,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows upnphost.dll: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26665 | 7,00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Mark of the Web (MOTW): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27472 | 5,40 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Remote Desktop Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26671 | 8,10 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Update Stack: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21204 | 7,80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-27475 | 7,00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Mobile Broadband: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-29811 | 7,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Standards-Based Storage Management Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27470 | 7,50 | Denial-of-Service | \n| CVE-2025-27486 | 7,50 | Denial-of-Service | \n| CVE-2025-26652 | 7,50 | Denial-of-Service | \n| CVE-2025-26680 | 7,50 | Denial-of-Service | \n| CVE-2025-27485 | 7,50 | Denial-of-Service | \n| CVE-2025-21174 | 7,50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Digital Media: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26640 | 7,00 | Verkrijgen van verhoogde rechten | \n| CVE-2025-27467 | 7,80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-27476 | 7,80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-27730 | 7,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Kernel: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26648 | 7,80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-27739 | 7,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nRemote Desktop Client: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27487 | 8,00 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Virtualization-Based Security (VBS) Enclave: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27735 | 6,00 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Kernel-Mode Drivers: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27728 | 7,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Resilient File System (ReFS): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27738 | 6,50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Active Directory Certificate Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27740 | 8,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Power Dependency Coordinator: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27736 | 5,50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Installer: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27727 | 7,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Bluetooth Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27490 | 7,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Hello: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26635 | 6,50 | Omzeilen van beveiligingsmaatregel | \n| CVE-2025-26644 | 6,20 | Voordoen als andere gebruiker | \n|----------------|------|-------------------------------------|\n\nWindows Local Security Authority (LSA): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21191 | 7,00 | Verkrijgen van verhoogde rechten | \n| CVE-2025-27478 | 7,00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nRPC Endpoint Mapper Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26679 | 7,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Kerberos: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-29809 | 7,10 | Omzeilen van beveiligingsmaatregel | \n| CVE-2025-26647 | 8,10 | Voordoen als andere gebruiker | \n| CVE-2025-27479 | 7,50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Cryptographic Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26641 | 7,50 | Denial-of-Service | \n| CVE-2025-29808 | 5,50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows NTFS: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27483 | 7,80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-27742 | 5,50 | Toegang tot gevoelige gegevens | \n| CVE-2025-21197 | 6,50 | Toegang tot gevoelige gegevens | \n| CVE-2025-27733 | 7,80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-27741 | 7,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Routing and Remote Access Service (RRAS): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26667 | 6,50 | Toegang tot gevoelige gegevens | \n| CVE-2025-26672 | 6,50 | Toegang tot gevoelige gegevens | \n| CVE-2025-26676 | 6,50 | Toegang tot gevoelige gegevens | \n| CVE-2025-27474 | 6,50 | Toegang tot gevoelige gegevens | \n| CVE-2025-21203 | 6,50 | Toegang tot gevoelige gegevens | \n| CVE-2025-26664 | 6,50 | Toegang tot gevoelige gegevens | \n| CVE-2025-26668 | 7,50 | Uitvoeren van willekeurige code | \n| CVE-2025-26669 | 8,80 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Hyper-V: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27491 | 7,10 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nMicrosoft Streaming Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27471 | 5,90 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Kernel Memory: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-29812 | 7,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nMicrosoft Virtual Hard Drive: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26688 | 7,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Security Zone Mapping: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27737 | 8,60 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nOpenSSH for Windows: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27731 | 7,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Secure Channel: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27492 | 7,00 | Verkrijgen van verhoogde rechten | \n| CVE-2025-26649 | 7,00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nRemote Desktop Gateway Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27480 | 8,10 | Uitvoeren van willekeurige code | \n| CVE-2025-27482 | 8,10 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - GRFX: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26681 | 6,70 | Verkrijgen van verhoogde rechten | \n| CVE-2025-26687 | 7,50 | Verkrijgen van verhoogde rechten | \n| CVE-2025-27732 | 7,00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Media: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26666 | 7,80 | Uitvoeren van willekeurige code | \n| CVE-2025-26674 | 7,80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Common Log File System Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-29824 | 7,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows HTTP.sys: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27473 | 7,50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Local Session Manager (LSM): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26651 | 6,50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows USB Print Driver: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26639 | 7,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows TCP/IP: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26686 | 7,50 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows LDAP - Lightweight Directory Access Protocol: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26670 | 8,10 | Uitvoeren van willekeurige code | \n| CVE-2025-27469 | 7,50 | Denial-of-Service | \n| CVE-2025-26663 | 8,10 | Uitvoeren van willekeurige code | \n| CVE-2025-26673 | 7,50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Universal Plug and Play (UPnP) Device Host: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27484 | 7,50 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Telephony Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-21205 | 8,80 | Uitvoeren van willekeurige code | \n| CVE-2025-21221 | 8,80 | Uitvoeren van willekeurige code | \n| CVE-2025-21222 | 8,80 | Uitvoeren van willekeurige code | \n| CVE-2025-27477 | 8,80 | Uitvoeren van willekeurige code | \n| CVE-2025-27481 | 8,80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows DWM Core Library: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-24073 | 7,80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-24062 | 7,80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-24058 | 7,80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-24074 | 7,80 | Verkrijgen van verhoogde rechten | \n| CVE-2025-24060 | 7,80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows BitLocker: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26637 | 6,80 | Omzeilen van beveiligingsmaatregel, Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Defender Application Control (WDAC): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-26678 | 8,40 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Shell: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-27729 | 7,80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nActive Directory Domain Services: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2025-29810 | 7,50 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n```\n",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance",
"title": "Oplossingen"
},
{
"category": "description",
"text": " ",
"title": "Dreigingsinformatie"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Sensitive Data Storage in Improperly Locked Memory",
"title": "CWE-591"
},
{
"category": "general",
"text": "Use of a Cryptographic Primitive with a Risky Implementation",
"title": "CWE-1240"
},
{
"category": "general",
"text": "Exposed Dangerous Method or Function",
"title": "CWE-749"
},
{
"category": "general",
"text": "Weak Authentication",
"title": "CWE-1390"
},
{
"category": "general",
"text": "Inadequate Detection or Handling of Adversarial Input Perturbations in Automated Recognition Mechanism",
"title": "CWE-1039"
},
{
"category": "general",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
},
{
"category": "general",
"text": "Insecure Storage of Sensitive Information",
"title": "CWE-922"
},
{
"category": "general",
"text": "Untrusted Pointer Dereference",
"title": "CWE-822"
},
{
"category": "general",
"text": "Buffer Over-read",
"title": "CWE-126"
},
{
"category": "general",
"text": "Insufficient Resource Pool",
"title": "CWE-410"
},
{
"category": "general",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
},
{
"category": "general",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "general",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
},
{
"category": "general",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"title": "Kwetsbaarheden verholpen in Microsoft Windows",
"tracking": {
"current_release_date": "2025-04-08T18:57:53.660384Z",
"generator": {
"date": "2025-02-25T15:15:00Z",
"engine": {
"name": "V.A.",
"version": "1.0"
}
},
"id": "NCSC-2025-0112",
"initial_release_date": "2025-04-08T18:57:53.660384Z",
"revision_history": [
{
"date": "2025-04-08T18:57:53.660384Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/unknown",
"product": {
"name": "vers:microsoft/unknown",
"product_id": "CSAFPID-1560265",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:office:*:*:android:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Microsoft Office for Android"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/unknown",
"product": {
"name": "vers:microsoft/unknown",
"product_id": "CSAFPID-1560266",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:office:*:*:universal:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Microsoft Office for Universal"
}
],
"category": "product_family",
"name": "Microsoft Office"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/unknown",
"product": {
"name": "vers:microsoft/unknown",
"product_id": "CSAFPID-1440176",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:remote_desktop:-:*:*:*:*:windows:*:*"
}
}
}
],
"category": "product_name",
"name": "Remote Desktop client for Windows Desktop"
},
{
"category": "product_version_range",
"name": "vers:unknown/unknown",
"product": {
"name": "vers:unknown/unknown",
"product_id": "CSAFPID-1332109"
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.14393.7970",
"product": {
"name": "vers:microsoft/10.0.14393.7970",
"product_id": "CSAFPID-2633264",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7970:*:*:*:*:*:x86:*"
}
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1607 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.14393.7970",
"product": {
"name": "vers:microsoft/10.0.14393.7970",
"product_id": "CSAFPID-2633265",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.7970:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1607 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.17763.7137",
"product": {
"name": "vers:microsoft/10.0.17763.7137",
"product_id": "CSAFPID-2633241",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.7137:*:*:*:*:*:x86:*"
}
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.17763.7137",
"product": {
"name": "vers:microsoft/10.0.17763.7137",
"product_id": "CSAFPID-2633242",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.7137:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.19044.5737",
"product": {
"name": "vers:microsoft/10.0.19044.5737",
"product_id": "CSAFPID-2633247",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.5737:*:*:*:*:*:x86:*"
}
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.19044.5737",
"product": {
"name": "vers:microsoft/10.0.19044.5737",
"product_id": "CSAFPID-2633248",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.5737:*:*:*:*:*:arm64:*"
}
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.19044.5737",
"product": {
"name": "vers:microsoft/10.0.19044.5737",
"product_id": "CSAFPID-2633249",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.5737:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.19045.5737",
"product": {
"name": "vers:microsoft/10.0.19045.5737",
"product_id": "CSAFPID-2633254",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.5737:*:*:*:*:*:x86:*"
}
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.19045.5737",
"product": {
"name": "vers:microsoft/10.0.19045.5737",
"product_id": "CSAFPID-2633253",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.5737:*:*:*:*:*:arm64:*"
}
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.19045.5737",
"product": {
"name": "vers:microsoft/10.0.19045.5737",
"product_id": "CSAFPID-2633252",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_10_22H2:10.0.19045.5737:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/unknown",
"product": {
"name": "vers:microsoft/unknown",
"product_id": "CSAFPID-2633262",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*"
}
}
}
],
"category": "product_name",
"name": "Windows 10 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/unknown",
"product": {
"name": "vers:microsoft/unknown",
"product_id": "CSAFPID-2633263",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows 10 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.22621.5191",
"product": {
"name": "vers:microsoft/10.0.22621.5191",
"product_id": "CSAFPID-2633250",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.5191:*:*:*:*:*:arm64:*"
}
}
}
],
"category": "product_name",
"name": "Windows 11 Version 22H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.22621.5191",
"product": {
"name": "vers:microsoft/10.0.22621.5191",
"product_id": "CSAFPID-2633251",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.5191:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows 11 Version 22H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.22621.5191",
"product": {
"name": "vers:microsoft/10.0.22621.5191",
"product_id": "CSAFPID-2633256",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_11_23H2:10.0.22621.5191:*:*:*:*:*:arm64:*"
}
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.22631.5191",
"product": {
"name": "vers:microsoft/10.0.22631.5191",
"product_id": "CSAFPID-2633257",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_11_23H2:10.0.22631.5191:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.26100.3775",
"product": {
"name": "vers:microsoft/10.0.26100.3775",
"product_id": "CSAFPID-2633259",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_11_24H2:10.0.26100.3775:*:*:*:*:*:arm64:*"
}
}
}
],
"category": "product_name",
"name": "Windows 11 Version 24H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.26100.3775",
"product": {
"name": "vers:microsoft/10.0.26100.3775",
"product_id": "CSAFPID-2633260",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_11_24H2:10.0.26100.3775:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows 11 Version 24H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/unknown",
"product": {
"name": "vers:microsoft/unknown",
"product_id": "CSAFPID-1440177",
"product_identification_helper": {
"cpe": "cpe:2.3:a:microsoft:windows_app_client_for_windows_desktop:*:*:*:*:*:windows:*:*"
}
}
}
],
"category": "product_name",
"name": "Windows App Client for Windows Desktop"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.14393.7970",
"product": {
"name": "vers:microsoft/10.0.14393.7970",
"product_id": "CSAFPID-2633266",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7970:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2016"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.14393.7970",
"product": {
"name": "vers:microsoft/10.0.14393.7970",
"product_id": "CSAFPID-2633267",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.7970:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2016 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.17763.7137",
"product": {
"name": "vers:microsoft/10.0.17763.7137",
"product_id": "CSAFPID-2633243",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.7137:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2019"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.17763.7137",
"product": {
"name": "vers:microsoft/10.0.17763.7137",
"product_id": "CSAFPID-2633244",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.7137:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2019 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.20348.3454",
"product": {
"name": "vers:microsoft/10.0.20348.3454",
"product_id": "CSAFPID-2633245",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.3454:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2022"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.20348.3454",
"product": {
"name": "vers:microsoft/10.0.20348.3454",
"product_id": "CSAFPID-2633246",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.3454:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2022 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.25398.1551",
"product": {
"name": "vers:microsoft/10.0.25398.1551",
"product_id": "CSAFPID-2633258",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_23h2:10.0.25398.1551:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2022, 23H2 Edition (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.26100.3775",
"product": {
"name": "vers:microsoft/10.0.26100.3775",
"product_id": "CSAFPID-2633261",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3775:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2025"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/10.0.26100.3775",
"product": {
"name": "vers:microsoft/10.0.26100.3775",
"product_id": "CSAFPID-2633255",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2025:10.0.26100.3775:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2025 (Server Core installation)"
}
],
"category": "product_family",
"name": "Windows"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/6.1.7601.27670",
"product": {
"name": "vers:microsoft/6.1.7601.27670",
"product_id": "CSAFPID-2633272",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.27670:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/6.1.7601.27670",
"product": {
"name": "vers:microsoft/6.1.7601.27670",
"product_id": "CSAFPID-2633273",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.27670:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/6.0.6003.23220",
"product": {
"name": "vers:microsoft/6.0.6003.23220",
"product_id": "CSAFPID-2633268",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.23220:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2008 for 32-bit Systems Service Pack 2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/6.0.6003.23220",
"product": {
"name": "vers:microsoft/6.0.6003.23220",
"product_id": "CSAFPID-2633269",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.23220:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/6.0.6003.23220",
"product": {
"name": "vers:microsoft/6.0.6003.23220",
"product_id": "CSAFPID-2633270",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.23220:*:*:*:*:*:x86:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2008 for x64-based Systems Service Pack 2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/6.0.6003.23220",
"product": {
"name": "vers:microsoft/6.0.6003.23220",
"product_id": "CSAFPID-2633271",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.23220:*:*:*:*:*:x86:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/6.2.9200.25423",
"product": {
"name": "vers:microsoft/6.2.9200.25423",
"product_id": "CSAFPID-2633274",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.25423:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2012"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/6.2.9200.25423",
"product": {
"name": "vers:microsoft/6.2.9200.25423",
"product_id": "CSAFPID-2633275",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.25423:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2012 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/6.3.9600.22523",
"product": {
"name": "vers:microsoft/6.3.9600.22523",
"product_id": "CSAFPID-2633276",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.22523:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2012 R2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:microsoft/6.3.9600.22523",
"product": {
"name": "vers:microsoft/6.3.9600.22523",
"product_id": "CSAFPID-2633277",
"product_identification_helper": {
"cpe": "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.22523:*:*:*:*:*:x64:*"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2012 R2 (Server Core installation)"
}
],
"category": "product_family",
"name": "ESU"
}
],
"category": "vendor",
"name": "Microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-21174",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21174",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21174.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-21174"
},
{
"cve": "CVE-2025-21191",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "other",
"text": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"title": "CWE-367"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21191",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21191.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-21191"
},
{
"cve": "CVE-2025-21197",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21197",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21197.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-21197"
},
{
"cve": "CVE-2025-21203",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "other",
"text": "Buffer Over-read",
"title": "CWE-126"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21203",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21203.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-21203"
},
{
"cve": "CVE-2025-21204",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21204",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21204.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-21204"
},
{
"cve": "CVE-2025-21205",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21205",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21205.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-21205"
},
{
"cve": "CVE-2025-21221",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21221",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21221.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-21221"
},
{
"cve": "CVE-2025-21222",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21222",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21222.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-21222"
},
{
"cve": "CVE-2025-24058",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24058",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24058.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-24058"
},
{
"cve": "CVE-2025-24060",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24060",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24060.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-24060"
},
{
"cve": "CVE-2025-24062",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24062",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24062.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-24062"
},
{
"cve": "CVE-2025-24073",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24073",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24073.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-24073"
},
{
"cve": "CVE-2025-24074",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24074",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24074.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-24074"
},
{
"cve": "CVE-2025-26635",
"cwe": {
"id": "CWE-1390",
"name": "Weak Authentication"
},
"notes": [
{
"category": "other",
"text": "Weak Authentication",
"title": "CWE-1390"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26635",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26635.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26635"
},
{
"cve": "CVE-2025-26637",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"notes": [
{
"category": "other",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26637",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26637.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26637"
},
{
"cve": "CVE-2025-26639",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26639",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26639.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26639"
},
{
"cve": "CVE-2025-26640",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26640",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26640.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26640"
},
{
"cve": "CVE-2025-26641",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26641",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26641.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26641"
},
{
"cve": "CVE-2025-26644",
"cwe": {
"id": "CWE-1039",
"name": "Inadequate Detection or Handling of Adversarial Input Perturbations in Automated Recognition Mechanism"
},
"notes": [
{
"category": "other",
"text": "Inadequate Detection or Handling of Adversarial Input Perturbations in Automated Recognition Mechanism",
"title": "CWE-1039"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26644",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26644.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26644"
},
{
"cve": "CVE-2025-26647",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26647",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26647.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26647"
},
{
"cve": "CVE-2025-26648",
"cwe": {
"id": "CWE-591",
"name": "Sensitive Data Storage in Improperly Locked Memory"
},
"notes": [
{
"category": "other",
"text": "Sensitive Data Storage in Improperly Locked Memory",
"title": "CWE-591"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26648",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26648.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26648"
},
{
"cve": "CVE-2025-26649",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26649",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26649.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26649"
},
{
"cve": "CVE-2025-26651",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"notes": [
{
"category": "other",
"text": "Exposed Dangerous Method or Function",
"title": "CWE-749"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26651",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26651.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26651"
},
{
"cve": "CVE-2025-26652",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26652",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26652.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26652"
},
{
"cve": "CVE-2025-26663",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26663",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26663.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26663"
},
{
"cve": "CVE-2025-26664",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "other",
"text": "Buffer Over-read",
"title": "CWE-126"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26664",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26664.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26664"
},
{
"cve": "CVE-2025-26665",
"cwe": {
"id": "CWE-591",
"name": "Sensitive Data Storage in Improperly Locked Memory"
},
"notes": [
{
"category": "other",
"text": "Sensitive Data Storage in Improperly Locked Memory",
"title": "CWE-591"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26665",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26665.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26665"
},
{
"cve": "CVE-2025-26666",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26666",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26666.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26666"
},
{
"cve": "CVE-2025-26667",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26667",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26667.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26667"
},
{
"cve": "CVE-2025-26668",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26668",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26668.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26668"
},
{
"cve": "CVE-2025-26669",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26669",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26669.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26669"
},
{
"cve": "CVE-2025-26670",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26670",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26670.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26670"
},
{
"cve": "CVE-2025-26671",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Sensitive Data Storage in Improperly Locked Memory",
"title": "CWE-591"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26671",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26671.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26671"
},
{
"cve": "CVE-2025-26672",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "other",
"text": "Buffer Over-read",
"title": "CWE-126"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26672",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26672.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26672"
},
{
"cve": "CVE-2025-26673",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26673",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26673.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26673"
},
{
"cve": "CVE-2025-26674",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26674",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26674.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26674"
},
{
"cve": "CVE-2025-26675",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26675",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26675.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26675"
},
{
"cve": "CVE-2025-26676",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "other",
"text": "Buffer Over-read",
"title": "CWE-126"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26676",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26676.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26676"
},
{
"cve": "CVE-2025-26678",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26678",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26678.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26678"
},
{
"cve": "CVE-2025-26679",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26679",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26679.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26679"
},
{
"cve": "CVE-2025-26680",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26680",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26680.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26680"
},
{
"cve": "CVE-2025-26681",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26681",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26681.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26681"
},
{
"cve": "CVE-2025-26686",
"cwe": {
"id": "CWE-591",
"name": "Sensitive Data Storage in Improperly Locked Memory"
},
"notes": [
{
"category": "other",
"text": "Sensitive Data Storage in Improperly Locked Memory",
"title": "CWE-591"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26686",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26686.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26686"
},
{
"cve": "CVE-2025-26687",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26687",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26687.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26687"
},
{
"cve": "CVE-2025-26688",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26688",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26688.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-26688"
},
{
"cve": "CVE-2025-27467",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27467",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27467.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27467"
},
{
"cve": "CVE-2025-27469",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27469",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27469.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27469"
},
{
"cve": "CVE-2025-27470",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27470",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27470.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27470"
},
{
"cve": "CVE-2025-27471",
"cwe": {
"id": "CWE-591",
"name": "Sensitive Data Storage in Improperly Locked Memory"
},
"notes": [
{
"category": "other",
"text": "Sensitive Data Storage in Improperly Locked Memory",
"title": "CWE-591"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27471",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27471.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27471"
},
{
"cve": "CVE-2025-27472",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"notes": [
{
"category": "other",
"text": "Protection Mechanism Failure",
"title": "CWE-693"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27472",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27472.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27472"
},
{
"cve": "CVE-2025-27473",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27473",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27473.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27473"
},
{
"cve": "CVE-2025-27474",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "other",
"text": "Use of Uninitialized Resource",
"title": "CWE-908"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27474",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27474.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27474"
},
{
"cve": "CVE-2025-27475",
"cwe": {
"id": "CWE-591",
"name": "Sensitive Data Storage in Improperly Locked Memory"
},
"notes": [
{
"category": "other",
"text": "Sensitive Data Storage in Improperly Locked Memory",
"title": "CWE-591"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27475",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27475.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27475"
},
{
"cve": "CVE-2025-27476",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27476",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27476.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27476"
},
{
"cve": "CVE-2025-27477",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27477",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27477.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27477"
},
{
"cve": "CVE-2025-27478",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27478",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27478.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27478"
},
{
"cve": "CVE-2025-27479",
"cwe": {
"id": "CWE-410",
"name": "Insufficient Resource Pool"
},
"notes": [
{
"category": "other",
"text": "Insufficient Resource Pool",
"title": "CWE-410"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27479",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27479.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27479"
},
{
"cve": "CVE-2025-27480",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27480",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27480.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27480"
},
{
"cve": "CVE-2025-27481",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27481",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27481.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27481"
},
{
"cve": "CVE-2025-27482",
"cwe": {
"id": "CWE-591",
"name": "Sensitive Data Storage in Improperly Locked Memory"
},
"notes": [
{
"category": "other",
"text": "Sensitive Data Storage in Improperly Locked Memory",
"title": "CWE-591"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27482",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27482.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27482"
},
{
"cve": "CVE-2025-27483",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27483",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27483.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27483"
},
{
"cve": "CVE-2025-27484",
"cwe": {
"id": "CWE-591",
"name": "Sensitive Data Storage in Improperly Locked Memory"
},
"notes": [
{
"category": "other",
"text": "Sensitive Data Storage in Improperly Locked Memory",
"title": "CWE-591"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27484",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27484.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27484"
},
{
"cve": "CVE-2025-27485",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27485",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27485.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27485"
},
{
"cve": "CVE-2025-27486",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27486",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27486.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27486"
},
{
"cve": "CVE-2025-27487",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27487",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27487.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27487"
},
{
"cve": "CVE-2025-27490",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27490",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27490.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27490"
},
{
"cve": "CVE-2025-27491",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27491",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27491.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27491"
},
{
"cve": "CVE-2025-27492",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27492",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27492.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27492"
},
{
"cve": "CVE-2025-27727",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27727",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27727.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27727"
},
{
"cve": "CVE-2025-27728",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27728",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27728.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27728"
},
{
"cve": "CVE-2025-27729",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27729",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27729.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27729"
},
{
"cve": "CVE-2025-27730",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27730",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27730.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27730"
},
{
"cve": "CVE-2025-27731",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27731",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27731.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27731"
},
{
"cve": "CVE-2025-27732",
"cwe": {
"id": "CWE-591",
"name": "Sensitive Data Storage in Improperly Locked Memory"
},
"notes": [
{
"category": "other",
"text": "Sensitive Data Storage in Improperly Locked Memory",
"title": "CWE-591"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27732",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27732.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27732"
},
{
"cve": "CVE-2025-27733",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27733",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27733.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27733"
},
{
"cve": "CVE-2025-27735",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"notes": [
{
"category": "other",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27735",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27735.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27735"
},
{
"cve": "CVE-2025-27736",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27736",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27736.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27736"
},
{
"cve": "CVE-2025-27737",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27737",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27737.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27737"
},
{
"cve": "CVE-2025-27738",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27738",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27738.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27738"
},
{
"cve": "CVE-2025-27739",
"cwe": {
"id": "CWE-822",
"name": "Untrusted Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "Untrusted Pointer Dereference",
"title": "CWE-822"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27739",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27739.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27739"
},
{
"cve": "CVE-2025-27740",
"cwe": {
"id": "CWE-1390",
"name": "Weak Authentication"
},
"notes": [
{
"category": "other",
"text": "Weak Authentication",
"title": "CWE-1390"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27740",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27740.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27740"
},
{
"cve": "CVE-2025-27741",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27741",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27741.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27741"
},
{
"cve": "CVE-2025-27742",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27742",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27742.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-27742"
},
{
"cve": "CVE-2025-29808",
"cwe": {
"id": "CWE-1240",
"name": "Use of a Cryptographic Primitive with a Risky Implementation"
},
"notes": [
{
"category": "other",
"text": "Use of a Cryptographic Primitive with a Risky Implementation",
"title": "CWE-1240"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-29808",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29808.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-29808"
},
{
"cve": "CVE-2025-29809",
"cwe": {
"id": "CWE-922",
"name": "Insecure Storage of Sensitive Information"
},
"notes": [
{
"category": "other",
"text": "Insecure Storage of Sensitive Information",
"title": "CWE-922"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-29809",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29809.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-29809"
},
{
"cve": "CVE-2025-29810",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-29810",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29810.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-29810"
},
{
"cve": "CVE-2025-29811",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-29811",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29811.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-29811"
},
{
"cve": "CVE-2025-29812",
"cwe": {
"id": "CWE-822",
"name": "Untrusted Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "Untrusted Pointer Dereference",
"title": "CWE-822"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-29812",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29812.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-29812"
},
{
"cve": "CVE-2025-29824",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-29824",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-29824.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1560265",
"CSAFPID-1560266",
"CSAFPID-1440176",
"CSAFPID-1332109",
"CSAFPID-2633264",
"CSAFPID-2633265",
"CSAFPID-2633241",
"CSAFPID-2633242",
"CSAFPID-2633247",
"CSAFPID-2633248",
"CSAFPID-2633249",
"CSAFPID-2633254",
"CSAFPID-2633253",
"CSAFPID-2633252",
"CSAFPID-2633262",
"CSAFPID-2633263",
"CSAFPID-2633250",
"CSAFPID-2633251",
"CSAFPID-2633256",
"CSAFPID-2633257",
"CSAFPID-2633259",
"CSAFPID-2633260",
"CSAFPID-1440177",
"CSAFPID-2633272",
"CSAFPID-2633273",
"CSAFPID-2633268",
"CSAFPID-2633269",
"CSAFPID-2633270",
"CSAFPID-2633271",
"CSAFPID-2633274",
"CSAFPID-2633275",
"CSAFPID-2633276",
"CSAFPID-2633277",
"CSAFPID-2633266",
"CSAFPID-2633267",
"CSAFPID-2633243",
"CSAFPID-2633244",
"CSAFPID-2633245",
"CSAFPID-2633246",
"CSAFPID-2633258",
"CSAFPID-2633261",
"CSAFPID-2633255"
]
}
],
"title": "CVE-2025-29824"
}
]
}
wid-sec-w-2025-0744
Vulnerability from csaf_certbund
Published
2025-04-08 22:00
Modified
2025-06-10 22:00
Summary
Microsoft Windows: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Windows ist ein Betriebssystem von Microsoft.
Windows Server 2016 ist ein Betriebssystem von Microsoft.
Windows Server 2019 ist ein Betriebssystem von Microsoft.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Microsoft Windows Server, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows 10, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows, Microsoft Windows Server 2022 und Microsoft Windows 11 ausnutzen, um seine Privilegien zu erhöhen, beliebigen Code auszuführen, vertrauliche Informationen preiszugeben, Sicherheitsmaßnahmen zu umgehen, einen Spoofing-Angriff durchzuführen und eine Denial-of-Service-Situation herbeizuführen.
Betroffene Betriebssysteme
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Windows ist ein Betriebssystem von Microsoft.\r\nWindows Server 2016 ist ein Betriebssystem von Microsoft.\r\nWindows Server 2019 ist ein Betriebssystem von Microsoft.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Microsoft Windows Server, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2, Microsoft Windows 10, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows, Microsoft Windows Server 2022 und Microsoft Windows 11 ausnutzen, um seine Privilegien zu erh\u00f6hen, beliebigen Code auszuf\u00fchren, vertrauliche Informationen preiszugeben, Sicherheitsma\u00dfnahmen zu umgehen, einen Spoofing-Angriff durchzuf\u00fchren und eine Denial-of-Service-Situation herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0744 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0744.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0744 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0744"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates",
"url": "https://msrc.microsoft.com/update-guide/"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2025-304 vom 2025-06-10",
"url": "https://www.hitachi.com/products/it/storage-solutions/sec_info/2025/04.html"
}
],
"source_lang": "en-US",
"title": "Microsoft Windows: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-06-10T22:00:00.000+00:00",
"generator": {
"date": "2025-06-11T06:28:15.361+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0744",
"initial_release_date": "2025-04-08T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-04-08T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-05-18T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2025-10158, EUVD-2025-10211, EUVD-2025-10124, EUVD-2025-10125, EUVD-2025-10148, EUVD-2025-10149, EUVD-2025-10150, EUVD-2025-10123, EUVD-2025-10145, EUVD-2025-10152, EUVD-2025-10153, EUVD-2025-10154, EUVD-2025-10157"
},
{
"date": "2025-05-20T22:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: EUVD-2025-10187, EUVD-2025-10243, EUVD-2025-10160, EUVD-2025-10162, EUVD-2025-10159, EUVD-2025-10164, EUVD-2025-10161, EUVD-2025-10156, EUVD-2025-10155, EUVD-2025-10151, EUVD-2025-10176"
},
{
"date": "2025-06-10T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von HITACHI aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Virtual Storage Platform",
"product": {
"name": "Hitachi Virtual Storage Platform",
"product_id": "T011055",
"product_identification_helper": {
"cpe": "cpe:/h:hitachi:virtual_storage_platform:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Admin Center",
"product": {
"name": "Microsoft Windows Admin Center",
"product_id": "T042604",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows:admin_center"
}
}
},
{
"category": "product_version",
"name": "Remote Desktop client for Desktop",
"product": {
"name": "Microsoft Windows Remote Desktop client for Desktop",
"product_id": "T042605",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows:remote_desktop_client_for_desktop"
}
}
},
{
"category": "product_version",
"name": "App Client for Desktop",
"product": {
"name": "Microsoft Windows App Client for Desktop",
"product_id": "T042613",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows:app_client_for_desktop"
}
}
}
],
"category": "product_name",
"name": "Windows"
},
{
"branches": [
{
"category": "product_name",
"name": "Microsoft Windows 10",
"product": {
"name": "Microsoft Windows 10",
"product_id": "T042599",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:-"
}
}
},
{
"category": "product_version",
"name": "Version 1607",
"product": {
"name": "Microsoft Windows 10 Version 1607",
"product_id": "T042601",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_1607"
}
}
},
{
"category": "product_version",
"name": "Version 1809",
"product": {
"name": "Microsoft Windows 10 Version 1809",
"product_id": "T042602",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_1809"
}
}
},
{
"category": "product_version",
"name": "Version 21H2",
"product": {
"name": "Microsoft Windows 10 Version 21H2",
"product_id": "T042606",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_21h2"
}
}
},
{
"category": "product_version",
"name": "Version 22H2",
"product": {
"name": "Microsoft Windows 10 Version 22H2",
"product_id": "T042608",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:version_22h2"
}
}
}
],
"category": "product_name",
"name": "Windows 10"
},
{
"branches": [
{
"category": "product_version",
"name": "Version 22H2",
"product": {
"name": "Microsoft Windows 11 Version 22H2",
"product_id": "T042607",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_11:version_22h2"
}
}
},
{
"category": "product_version",
"name": "Version 23H2",
"product": {
"name": "Microsoft Windows 11 Version 23H2",
"product_id": "T042609",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_11:version_23h2"
}
}
},
{
"category": "product_version",
"name": "Version 24H2",
"product": {
"name": "Microsoft Windows 11 Version 24H2",
"product_id": "T042611",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_11:version_24h2"
}
}
}
],
"category": "product_name",
"name": "Windows 11"
},
{
"branches": [
{
"category": "product_version",
"name": "2008 R2 SP1",
"product": {
"name": "Microsoft Windows Server 2008 R2 SP1",
"product_id": "T042595",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server:2008_r2_sp1"
}
}
},
{
"category": "product_version",
"name": "2008 SP2",
"product": {
"name": "Microsoft Windows Server 2008 SP2",
"product_id": "T042596",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server:2008_sp2"
}
}
},
{
"category": "product_version",
"name": "2025",
"product": {
"name": "Microsoft Windows Server 2025",
"product_id": "T042612",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server:2025"
}
}
}
],
"category": "product_name",
"name": "Windows Server"
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2012",
"product": {
"name": "Microsoft Windows Server 2012",
"product_id": "T042597",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2012:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2012 R2",
"product": {
"name": "Microsoft Windows Server 2012 R2",
"product_id": "T042598",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2012_r2:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2016",
"product": {
"name": "Microsoft Windows Server 2016",
"product_id": "T042600",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2016:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2019",
"product": {
"name": "Microsoft Windows Server 2019",
"product_id": "T042603",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2019:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Microsoft Windows Server 2022",
"product": {
"name": "Microsoft Windows Server 2022",
"product_id": "T041082",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2022:-"
}
}
},
{
"category": "product_version",
"name": "23H2 Edition",
"product": {
"name": "Microsoft Windows Server 2022 23H2 Edition",
"product_id": "T042610",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2022:23h2_edition"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2022"
}
],
"category": "vendor",
"name": "Microsoft"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-21174",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-21174"
},
{
"cve": "CVE-2025-21191",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-21191"
},
{
"cve": "CVE-2025-21197",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-21197"
},
{
"cve": "CVE-2025-21203",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-21203"
},
{
"cve": "CVE-2025-21204",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-21204"
},
{
"cve": "CVE-2025-21205",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-21205"
},
{
"cve": "CVE-2025-21221",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-21221"
},
{
"cve": "CVE-2025-21222",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-21222"
},
{
"cve": "CVE-2025-24058",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-24058"
},
{
"cve": "CVE-2025-24060",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-24060"
},
{
"cve": "CVE-2025-24062",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-24062"
},
{
"cve": "CVE-2025-24073",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-24073"
},
{
"cve": "CVE-2025-24074",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-24074"
},
{
"cve": "CVE-2025-26635",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26635"
},
{
"cve": "CVE-2025-26637",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26637"
},
{
"cve": "CVE-2025-26639",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26639"
},
{
"cve": "CVE-2025-26640",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26640"
},
{
"cve": "CVE-2025-26641",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26641"
},
{
"cve": "CVE-2025-26644",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26644"
},
{
"cve": "CVE-2025-26647",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26647"
},
{
"cve": "CVE-2025-26648",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26648"
},
{
"cve": "CVE-2025-26649",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26649"
},
{
"cve": "CVE-2025-26651",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26651"
},
{
"cve": "CVE-2025-26652",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26652"
},
{
"cve": "CVE-2025-26663",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26663"
},
{
"cve": "CVE-2025-26664",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26664"
},
{
"cve": "CVE-2025-26665",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26665"
},
{
"cve": "CVE-2025-26666",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26666"
},
{
"cve": "CVE-2025-26667",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26667"
},
{
"cve": "CVE-2025-26668",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26668"
},
{
"cve": "CVE-2025-26669",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26669"
},
{
"cve": "CVE-2025-26670",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26670"
},
{
"cve": "CVE-2025-26671",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26671"
},
{
"cve": "CVE-2025-26672",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26672"
},
{
"cve": "CVE-2025-26673",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26673"
},
{
"cve": "CVE-2025-26674",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26674"
},
{
"cve": "CVE-2025-26675",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26675"
},
{
"cve": "CVE-2025-26676",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26676"
},
{
"cve": "CVE-2025-26678",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26678"
},
{
"cve": "CVE-2025-26679",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26679"
},
{
"cve": "CVE-2025-26680",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26680"
},
{
"cve": "CVE-2025-26681",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26681"
},
{
"cve": "CVE-2025-26686",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26686"
},
{
"cve": "CVE-2025-26687",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26687"
},
{
"cve": "CVE-2025-26688",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-26688"
},
{
"cve": "CVE-2025-27467",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27467"
},
{
"cve": "CVE-2025-27469",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27469"
},
{
"cve": "CVE-2025-27470",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27470"
},
{
"cve": "CVE-2025-27471",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27471"
},
{
"cve": "CVE-2025-27472",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27472"
},
{
"cve": "CVE-2025-27473",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27473"
},
{
"cve": "CVE-2025-27474",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27474"
},
{
"cve": "CVE-2025-27475",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27475"
},
{
"cve": "CVE-2025-27476",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27476"
},
{
"cve": "CVE-2025-27477",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27477"
},
{
"cve": "CVE-2025-27478",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27478"
},
{
"cve": "CVE-2025-27479",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27479"
},
{
"cve": "CVE-2025-27480",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27480"
},
{
"cve": "CVE-2025-27481",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27481"
},
{
"cve": "CVE-2025-27482",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27482"
},
{
"cve": "CVE-2025-27483",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27483"
},
{
"cve": "CVE-2025-27484",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27484"
},
{
"cve": "CVE-2025-27485",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27485"
},
{
"cve": "CVE-2025-27486",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27486"
},
{
"cve": "CVE-2025-27487",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27487"
},
{
"cve": "CVE-2025-27490",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27490"
},
{
"cve": "CVE-2025-27491",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27491"
},
{
"cve": "CVE-2025-27492",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27492"
},
{
"cve": "CVE-2025-27727",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27727"
},
{
"cve": "CVE-2025-27728",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27728"
},
{
"cve": "CVE-2025-27729",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27729"
},
{
"cve": "CVE-2025-27730",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27730"
},
{
"cve": "CVE-2025-27731",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27731"
},
{
"cve": "CVE-2025-27732",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27732"
},
{
"cve": "CVE-2025-27733",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27733"
},
{
"cve": "CVE-2025-27735",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27735"
},
{
"cve": "CVE-2025-27736",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27736"
},
{
"cve": "CVE-2025-27737",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27737"
},
{
"cve": "CVE-2025-27738",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27738"
},
{
"cve": "CVE-2025-27739",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27739"
},
{
"cve": "CVE-2025-27740",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27740"
},
{
"cve": "CVE-2025-27741",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27741"
},
{
"cve": "CVE-2025-27742",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-27742"
},
{
"cve": "CVE-2025-29808",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-29808"
},
{
"cve": "CVE-2025-29809",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-29809"
},
{
"cve": "CVE-2025-29810",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-29810"
},
{
"cve": "CVE-2025-29811",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-29811"
},
{
"cve": "CVE-2025-29812",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-29812"
},
{
"cve": "CVE-2025-29819",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-29819"
},
{
"cve": "CVE-2025-29824",
"product_status": {
"known_affected": [
"T042604",
"T011055",
"T042605",
"T042606",
"T042607",
"T042608",
"T042609",
"T042596",
"T042597",
"T042598",
"T042599",
"T042610",
"T042600",
"T042611",
"T042601",
"T042612",
"T041082",
"T042602",
"T042613",
"T042603",
"T042595"
]
},
"release_date": "2025-04-08T22:00:00.000+00:00",
"title": "CVE-2025-29824"
}
]
}
msrc_cve-2025-24074
Vulnerability from csaf_microsoft
Published
2025-04-08 07:00
Modified
2025-04-08 07:00
Summary
Microsoft DWM Core Library Elevation of Privilege Vulnerability
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Customer Action
Required. The vulnerability documented by this CVE requires customer action to resolve.
{
"document": {
"acknowledgments": [
{
"names": [
"YanZiShuang@BigCJTeam of cyberkl"
]
}
],
"aggregate_severity": {
"namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
},
{
"category": "general",
"text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
"title": "Customer Action"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24074 Microsoft DWM Core Library Elevation of Privilege Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24074"
},
{
"category": "self",
"summary": "CVE-2025-24074 Microsoft DWM Core Library Elevation of Privilege Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/advisories/2025/msrc_cve-2025-24074.json"
},
{
"category": "external",
"summary": "Microsoft Exploitability Index",
"url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Microsoft DWM Core Library Elevation of Privilege Vulnerability",
"tracking": {
"current_release_date": "2025-04-08T07:00:00.000Z",
"generator": {
"date": "2025-07-22T19:57:31.438Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2025-24074",
"initial_release_date": "2025-04-08T07:00:00.000Z",
"revision_history": [
{
"date": "2025-04-08T07:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.7136",
"product": {
"name": "Windows 10 Version 1809 for 32-bit Systems \u003c10.0.17763.7136",
"product_id": "21"
}
},
{
"category": "product_version",
"name": "10.0.17763.7136",
"product": {
"name": "Windows 10 Version 1809 for 32-bit Systems 10.0.17763.7136",
"product_id": "11568"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.7136",
"product": {
"name": "Windows 10 Version 1809 for x64-based Systems \u003c10.0.17763.7136",
"product_id": "20"
}
},
{
"category": "product_version",
"name": "10.0.17763.7136",
"product": {
"name": "Windows 10 Version 1809 for x64-based Systems 10.0.17763.7136",
"product_id": "11569"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 1809 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.7136",
"product": {
"name": "Windows Server 2019 \u003c10.0.17763.7136",
"product_id": "19"
}
},
{
"category": "product_version",
"name": "10.0.17763.7136",
"product": {
"name": "Windows Server 2019 10.0.17763.7136",
"product_id": "11571"
}
}
],
"category": "product_name",
"name": "Windows Server 2019"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.17763.7136",
"product": {
"name": "Windows Server 2019 (Server Core installation) \u003c10.0.17763.7136",
"product_id": "18"
}
},
{
"category": "product_version",
"name": "10.0.17763.7136",
"product": {
"name": "Windows Server 2019 (Server Core installation) 10.0.17763.7136",
"product_id": "11572"
}
}
],
"category": "product_name",
"name": "Windows Server 2019 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.20348.3453",
"product": {
"name": "Windows Server 2022 \u003c10.0.20348.3453",
"product_id": "17"
}
},
{
"category": "product_version",
"name": "10.0.20348.3453",
"product": {
"name": "Windows Server 2022 10.0.20348.3453",
"product_id": "11923"
}
}
],
"category": "product_name",
"name": "Windows Server 2022"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.20348.3453",
"product": {
"name": "Windows Server 2022 (Server Core installation) \u003c10.0.20348.3453",
"product_id": "16"
}
},
{
"category": "product_version",
"name": "10.0.20348.3453",
"product": {
"name": "Windows Server 2022 (Server Core installation) 10.0.20348.3453",
"product_id": "11924"
}
}
],
"category": "product_name",
"name": "Windows Server 2022 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19044.5737",
"product": {
"name": "Windows 10 Version 21H2 for 32-bit Systems \u003c10.0.19044.5737",
"product_id": "15"
}
},
{
"category": "product_version",
"name": "10.0.19044.5737",
"product": {
"name": "Windows 10 Version 21H2 for 32-bit Systems 10.0.19044.5737",
"product_id": "11929"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19044.5737",
"product": {
"name": "Windows 10 Version 21H2 for ARM64-based Systems \u003c10.0.19044.5737",
"product_id": "14"
}
},
{
"category": "product_version",
"name": "10.0.19044.5737",
"product": {
"name": "Windows 10 Version 21H2 for ARM64-based Systems 10.0.19044.5737",
"product_id": "11930"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19044.5737",
"product": {
"name": "Windows 10 Version 21H2 for x64-based Systems \u003c10.0.19044.5737",
"product_id": "13"
}
},
{
"category": "product_version",
"name": "10.0.19044.5737",
"product": {
"name": "Windows 10 Version 21H2 for x64-based Systems 10.0.19044.5737",
"product_id": "11931"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 21H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22621.5189",
"product": {
"name": "Windows 11 Version 22H2 for ARM64-based Systems \u003c10.0.22621.5189",
"product_id": "12"
}
},
{
"category": "product_version",
"name": "10.0.22621.5189",
"product": {
"name": "Windows 11 Version 22H2 for ARM64-based Systems 10.0.22621.5189",
"product_id": "12085"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 22H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22621.5189",
"product": {
"name": "Windows 11 Version 22H2 for x64-based Systems \u003c10.0.22621.5189",
"product_id": "11"
}
},
{
"category": "product_version",
"name": "10.0.22621.5189",
"product": {
"name": "Windows 11 Version 22H2 for x64-based Systems 10.0.22621.5189",
"product_id": "12086"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 22H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19045.5737",
"product": {
"name": "Windows 10 Version 22H2 for x64-based Systems \u003c10.0.19045.5737",
"product_id": "10"
}
},
{
"category": "product_version",
"name": "10.0.19045.5737",
"product": {
"name": "Windows 10 Version 22H2 for x64-based Systems 10.0.19045.5737",
"product_id": "12097"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19045.5737",
"product": {
"name": "Windows 10 Version 22H2 for ARM64-based Systems \u003c10.0.19045.5737",
"product_id": "9"
}
},
{
"category": "product_version",
"name": "10.0.19045.5737",
"product": {
"name": "Windows 10 Version 22H2 for ARM64-based Systems 10.0.19045.5737",
"product_id": "12098"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.19045.5737",
"product": {
"name": "Windows 10 Version 22H2 for 32-bit Systems \u003c10.0.19045.5737",
"product_id": "8"
}
},
{
"category": "product_version",
"name": "10.0.19045.5737",
"product": {
"name": "Windows 10 Version 22H2 for 32-bit Systems 10.0.19045.5737",
"product_id": "12099"
}
}
],
"category": "product_name",
"name": "Windows 10 Version 22H2 for 32-bit Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.3775",
"product": {
"name": "Windows Server 2025 (Server Core installation) \u003c10.0.26100.3775",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "10.0.26100.3775",
"product": {
"name": "Windows Server 2025 (Server Core installation) 10.0.26100.3775",
"product_id": "12437"
}
}
],
"category": "product_name",
"name": "Windows Server 2025 (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22631.5189",
"product": {
"name": "Windows 11 Version 23H2 for ARM64-based Systems \u003c10.0.22631.5189",
"product_id": "7"
}
},
{
"category": "product_version",
"name": "10.0.22631.5189",
"product": {
"name": "Windows 11 Version 23H2 for ARM64-based Systems 10.0.22631.5189",
"product_id": "12242"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.22631.5189",
"product": {
"name": "Windows 11 Version 23H2 for x64-based Systems \u003c10.0.22631.5189",
"product_id": "6"
}
},
{
"category": "product_version",
"name": "10.0.22631.5189",
"product": {
"name": "Windows 11 Version 23H2 for x64-based Systems 10.0.22631.5189",
"product_id": "12243"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 23H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.25398.1551",
"product": {
"name": "Windows Server 2022, 23H2 Edition (Server Core installation) \u003c10.0.25398.1551",
"product_id": "5"
}
},
{
"category": "product_version",
"name": "10.0.25398.1551",
"product": {
"name": "Windows Server 2022, 23H2 Edition (Server Core installation) 10.0.25398.1551",
"product_id": "12244"
}
}
],
"category": "product_name",
"name": "Windows Server 2022, 23H2 Edition (Server Core installation)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.3775",
"product": {
"name": "Windows 11 Version 24H2 for ARM64-based Systems \u003c10.0.26100.3775",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "10.0.26100.3775",
"product": {
"name": "Windows 11 Version 24H2 for ARM64-based Systems 10.0.26100.3775",
"product_id": "12389"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 24H2 for ARM64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.3775",
"product": {
"name": "Windows 11 Version 24H2 for x64-based Systems \u003c10.0.26100.3775",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "10.0.26100.3775",
"product": {
"name": "Windows 11 Version 24H2 for x64-based Systems 10.0.26100.3775",
"product_id": "12390"
}
}
],
"category": "product_name",
"name": "Windows 11 Version 24H2 for x64-based Systems"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.26100.3775",
"product": {
"name": "Windows Server 2025 \u003c10.0.26100.3775",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "10.0.26100.3775",
"product": {
"name": "Windows Server 2025 10.0.26100.3775",
"product_id": "12436"
}
}
],
"category": "product_name",
"name": "Windows Server 2025"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-24074",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "general",
"text": "Microsoft",
"title": "Assigning CNA"
},
{
"category": "faq",
"text": "An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.",
"title": "What privileges could be gained by an attacker who successfully exploited this vulnerability?"
}
],
"product_status": {
"fixed": [
"11568",
"11569",
"11571",
"11572",
"11923",
"11924",
"11929",
"11930",
"11931",
"12085",
"12086",
"12097",
"12098",
"12099",
"12242",
"12243",
"12244",
"12389",
"12390",
"12436",
"12437"
],
"known_affected": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24074 Microsoft DWM Core Library Elevation of Privilege Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24074"
},
{
"category": "self",
"summary": "CVE-2025-24074 Microsoft DWM Core Library Elevation of Privilege Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/advisories/2025/msrc_cve-2025-24074.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2025-04-08T07:00:00.000Z",
"details": "10.0.17763.7136:Security Update:https://support.microsoft.com/help/5055519",
"product_ids": [
"21",
"20",
"19",
"18"
],
"url": "https://support.microsoft.com/help/5055519"
},
{
"category": "vendor_fix",
"date": "2025-04-08T07:00:00.000Z",
"details": "10.0.20348.3453:Security Update:https://support.microsoft.com/help/5055526",
"product_ids": [
"17",
"16"
],
"url": "https://support.microsoft.com/help/5055526"
},
{
"category": "vendor_fix",
"date": "2025-04-08T07:00:00.000Z",
"details": "10.0.19044.5737:Security Update:https://support.microsoft.com/help/5055518",
"product_ids": [
"15",
"14",
"13"
],
"url": "https://support.microsoft.com/help/5055518"
},
{
"category": "vendor_fix",
"date": "2025-04-08T07:00:00.000Z",
"details": "10.0.22621.5189:Security Update:https://support.microsoft.com/help/5055528",
"product_ids": [
"12",
"11"
],
"url": "https://support.microsoft.com/help/5055528"
},
{
"category": "vendor_fix",
"date": "2025-04-08T07:00:00.000Z",
"details": "10.0.19045.5737:Security Update:https://support.microsoft.com/help/5055518",
"product_ids": [
"10",
"9",
"8"
],
"url": "https://support.microsoft.com/help/5055518"
},
{
"category": "vendor_fix",
"date": "2025-04-08T07:00:00.000Z",
"details": "10.0.26100.3775:Security Update:https://support.microsoft.com/help/5055523",
"product_ids": [
"1",
"4",
"3",
"2"
],
"url": "https://support.microsoft.com/help/5055523"
},
{
"category": "vendor_fix",
"date": "2025-04-08T07:00:00.000Z",
"details": "10.0.22631.5189:Security Update:https://support.microsoft.com/help/5055528",
"product_ids": [
"7",
"6"
],
"url": "https://support.microsoft.com/help/5055528"
},
{
"category": "vendor_fix",
"date": "2025-04-08T07:00:00.000Z",
"details": "10.0.25398.1551:Security Update:https://support.microsoft.com/help/5055527",
"product_ids": [
"5"
],
"url": "https://support.microsoft.com/help/5055527"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5",
"6",
"7",
"8",
"9",
"10",
"11",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"20",
"21"
]
}
],
"threats": [
{
"category": "impact",
"details": "Elevation of Privilege"
},
{
"category": "exploit_status",
"details": "Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely"
}
],
"title": "Microsoft DWM Core Library Elevation of Privilege Vulnerability"
}
]
}
ghsa-f4pv-mh4w-365x
Vulnerability from github
Published
2025-04-08 18:34
Modified
2025-04-08 18:34
Severity ?
VLAI Severity ?
Details
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
{
"affected": [],
"aliases": [
"CVE-2025-24074"
],
"database_specific": {
"cwe_ids": [
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-08T18:15:46Z",
"severity": "HIGH"
},
"details": "Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-f4pv-mh4w-365x",
"modified": "2025-04-08T18:34:45Z",
"published": "2025-04-08T18:34:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24074"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24074"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
fkie_cve-2025-24074
Vulnerability from fkie_nvd
Published
2025-04-08 18:15
Modified
2025-07-03 13:03
Severity ?
Summary
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24074 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "13A4A79D-8D45-48FA-84F5-CE1A78E8E424",
"versionEndExcluding": "10.0.17763.7136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"matchCriteriaId": "03AB53EC-354E-4F30-A278-2835CA341503",
"versionEndExcluding": "10.0.17763.7136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACCA6F4-C140-4B2E-93FF-1B9DC093E831",
"versionEndExcluding": "10.0.19044.5737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09E0970D-79B9-40D9-BFFF-25EE5A686B04",
"versionEndExcluding": "10.0.19045.5737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "350A5C83-A85B-4CC1-81C6-F36C1BE0687E",
"versionEndExcluding": "10.0.22621.5189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "AAB1352F-725F-427E-A3F3-73A48287D0C7",
"versionEndExcluding": "10.0.22621.5189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "0A9C8BFA-DC5B-4E27-AEA1-0CF52B4FDF88",
"versionEndExcluding": "10.0.22631.5189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "1718BEDA-0AF8-4A6D-B053-AE746C7617C8",
"versionEndExcluding": "10.0.22631.5189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*",
"matchCriteriaId": "39A448D0-EB9F-42FE-85A2-A4AA88D4CEBD",
"versionEndExcluding": "10.0.26100.3775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "8B1600DE-F4B9-456C-A42F-5E5CDB2D6DEF",
"versionEndExcluding": "10.0.26100.3775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2941A94-927C-4393-B2A0-4630F03B8B3A",
"versionEndExcluding": "10.0.17763.7136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52706BEC-E3D6-4188-BB88-7078FE4AF970",
"versionEndExcluding": "10.0.20348.3453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "0B42570D-5CFB-4620-8B06-B5752212709A",
"versionEndExcluding": "10.0.25398.1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*",
"matchCriteriaId": "AA03AE1F-F78C-4864-A1B6-15846AAD4899",
"versionEndExcluding": "10.0.26100.3775",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally."
},
{
"lang": "es",
"value": "La validaci\u00f3n de entrada incorrecta en la librer\u00eda principal DWM de Windows permite que un atacante autorizado eleve privilegios localmente."
}
],
"id": "CVE-2025-24074",
"lastModified": "2025-07-03T13:03:00.923",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Secondary"
}
]
},
"published": "2025-04-08T18:15:46.740",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24074"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "secure@microsoft.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…