{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "SAP heeft meerdere kwetsbaarheden verholpen in diverse SAP producten, zoals NetWeaver, NetWeaver Visual Composer, SAP GUI, pcde, Business Objects, HANA en andere componenten.", "title": "Feiten" }, { "category": "description", "text": "De kwetsbaarheden omvatten onder andere een onbeperkte bestandsuploadfout die ongeauthenticeerde gebruikers in staat stelt om kwaadaardige bestanden te uploaden, wat kan leiden tot uitvoer van willekeurige code. Daarnaast zijn er kwetsbaarheden gerapporteerd die voortkomen uit het ontbreken van noodzakelijke autorisatiecontroles, wat kan resulteren in ongeoorloofde toegang tot gevoelige gegevens en privilege-escalatie.\n\nSAP brengt de kwetsbaarheid met kenmerk CVE-2025-31324 opnieuw onder de aandacht. Deze kwetsbaarheid bevindt zich in de NetWeaver Visual Component en is in de maandelijkse update van april verholpen. Deze kwetsbaarheid is echter als ZeroDay actief misbruikt.", "title": "Interpretaties" }, { "category": "description", "text": "SAP heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Improper Neutralization of Parameter/Argument Delimiters", "title": "CWE-141" }, { "category": "general", "text": "Exposed Dangerous Method or Function", "title": "CWE-749" }, { "category": "general", "text": "External Control of Assumed-Immutable Web Parameter", "title": "CWE-472" }, { "category": "general", "text": "Incorrect Permission Assignment for Critical Resource", "title": "CWE-732" }, { "category": "general", "text": "Plaintext Storage of a Password", "title": "CWE-256" }, { "category": "general", "text": "Unrestricted Upload of File with Dangerous Type", "title": "CWE-434" }, { "category": "general", "text": "Improper Authorization", "title": "CWE-285" }, { "category": "general", "text": "Missing Authorization", "title": "CWE-862" }, { "category": "general", "text": "Improper Control of Generation of Code ('Code Injection')", "title": "CWE-94" }, { "category": "general", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "general", "text": "Improper Restriction of XML External Entity Reference", "title": "CWE-611" }, { "category": "general", "text": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "title": "CWE-79" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Source - sap", "url": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news/may-2025.html" } ], "title": "Kwetsbaarheden verholpen in SAP producten", "tracking": { "current_release_date": "2025-05-13T09:05:38.110295Z", "generator": { "date": "2025-02-25T15:15:00Z", "engine": { "name": "V.A.", "version": "1.0" } }, "id": "NCSC-2025-0149", "initial_release_date": "2025-05-13T09:05:38.110295Z", "revision_history": [ { "date": "2025-05-13T09:05:38.110295Z", "number": "1.0.0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:sap/7.50 for visual composer development server", "product": { "name": "vers:sap/7.50 for visual composer development server", "product_id": "CSAFPID-2773833" } }, { "category": "product_version_range", "name": "vers:unknown/7.50", "product": { "name": "vers:unknown/7.50", "product_id": "CSAFPID-1601553" } } ], "category": "product_name", "name": "Netweaver" } ], "category": "product_family", "name": "SAP" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/2025", "product": { "name": "vers:unknown/2025", "product_id": "CSAFPID-2832358" } }, { "category": "product_version_range", "name": "vers:unknown/2027", "product": { "name": "vers:unknown/2027", "product_id": "CSAFPID-2832359" } }, { "category": "product_version_range", "name": "vers:unknown/enterprise430", "product": { "name": "vers:unknown/enterprise430", "product_id": "CSAFPID-2832357" } } ], "category": "product_name", "name": "SAP Business Objects Business Intelligence Platform (PMW)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/sbopdsjobserver4.3", "product": { "name": "vers:unknown/sbopdsjobserver4.3", "product_id": "CSAFPID-2832331" } } ], "category": "product_name", "name": "SAP Data Services Management Console" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/unknown", "product": { "name": "vers:unknown/unknown", "product_id": "CSAFPID-1333259" } } ], "category": "product_name", "name": "NetWeaver" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/ctnr-dme-podfoundation-ms1.0", "product": { "name": "vers:unknown/ctnr-dme-podfoundation-ms1.0", "product_id": "CSAFPID-2832408" } } ], "category": "product_name", "name": "SAP Digital Manufacturing (Production Operator Dashboard)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/bc-fes-gui8.00", "product": { "name": "vers:unknown/bc-fes-gui8.00", "product_id": "CSAFPID-1987640" } } ], "category": "product_name", "name": "SAP GUI for Windows" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/756", "product": { "name": "vers:unknown/756", "product_id": "CSAFPID-2832390" } }, { "category": "product_version_range", "name": "vers:unknown/757", "product": { "name": "vers:unknown/757", "product_id": "CSAFPID-2832391" } }, { "category": "product_version_range", "name": "vers:unknown/758", "product": { "name": "vers:unknown/758", "product_id": "CSAFPID-2832392" } }, { "category": "product_version_range", "name": "vers:unknown/sap_gwfnd752", "product": { "name": "vers:unknown/sap_gwfnd752", "product_id": "CSAFPID-2832386" } } ], "category": "product_name", "name": "SAP Gateway Client" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/106", "product": { "name": "vers:unknown/106", "product_id": "CSAFPID-2832370" } }, { "category": "product_version_range", "name": "vers:unknown/107", "product": { "name": "vers:unknown/107", "product_id": "CSAFPID-2832371" } }, { "category": "product_version_range", "name": "vers:unknown/108", "product": { "name": "vers:unknown/108", "product_id": "CSAFPID-2832372" } } ], "category": "product_name", "name": "SAP Landscape Transformation (PCL Basis)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/vcframework7.50", "product": { "name": "vers:unknown/vcframework7.50", "product_id": "CSAFPID-2770954" } } ], "category": "product_name", "name": "SAP NetWeaver (Visual Composer development server)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/sap_basis756", "product": { "name": "vers:unknown/sap_basis756", "product_id": "CSAFPID-2832405" } }, { "category": "product_version_range", "name": "vers:unknown/sap_basis757", "product": { "name": "vers:unknown/sap_basis757", "product_id": "CSAFPID-2832406" } }, { "category": "product_version_range", "name": "vers:unknown/sap_basis758", "product": { "name": "vers:unknown/sap_basis758", "product_id": "CSAFPID-2832407" } } ], "category": "product_name", "name": "SAP NetWeaver Application Server ABAP and ABAP Platform" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/712", "product": { "name": "vers:unknown/712", "product_id": "CSAFPID-2832354" } }, { "category": "product_version_range", "name": "vers:unknown/713", "product": { "name": "vers:unknown/713", "product_id": "CSAFPID-2832355" } }, { "category": "product_version_range", "name": "vers:unknown/714", "product": { "name": "vers:unknown/714", "product_id": "CSAFPID-2832356" } } ], "category": "product_name", "name": "SAP S/4HANA (Private Cloud & On-Premise)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/712", "product": { "name": "vers:unknown/712", "product_id": "CSAFPID-2832383" } }, { "category": "product_version_range", "name": "vers:unknown/713", "product": { "name": "vers:unknown/713", "product_id": "CSAFPID-2832384" } }, { "category": "product_version_range", "name": "vers:unknown/714", "product": { "name": "vers:unknown/714", "product_id": "CSAFPID-2832385" } } ], "category": "product_name", "name": "SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL))" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/604", "product": { "name": "vers:unknown/604", "product_id": "CSAFPID-2832419" } }, { "category": "product_version_range", "name": "vers:unknown/608", "product": { "name": "vers:unknown/608", "product_id": "CSAFPID-2832420" } } ], "category": "product_name", "name": "SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/104", "product": { "name": "vers:unknown/104", "product_id": "CSAFPID-2832345" } }, { "category": "product_version_range", "name": "vers:unknown/105", "product": { "name": "vers:unknown/105", "product_id": "CSAFPID-2832346" } }, { "category": "product_version_range", "name": "vers:unknown/106", "product": { "name": "vers:unknown/106", "product_id": "CSAFPID-2832347" } } ], "category": "product_name", "name": "SAP S4/HANA (OData meta-data property)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/616", "product": { "name": "vers:unknown/616", "product_id": "CSAFPID-2832427" } }, { "category": "product_version_range", "name": "vers:unknown/617", "product": { "name": "vers:unknown/617", "product_id": "CSAFPID-2832428" } }, { "category": "product_version_range", "name": "vers:unknown/618", "product": { "name": "vers:unknown/618", "product_id": "CSAFPID-2832411" } } ], "category": "product_name", "name": "SAP Service Parts Management (SPM)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-1298148", "product_identification_helper": { "cpe": "cpe:/a:sap:sap:-" } } } ], "category": "product_name", "name": "SAP Software" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/srm_server7.14", "product": { "name": "vers:unknown/srm_server7.14", "product_id": "CSAFPID-2832338" } } ], "category": "product_name", "name": "SAP Supplier Relationship Management (Live Auction Cockpit)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/srm_mdm_cat7.52", "product": { "name": "vers:unknown/srm_mdm_cat7.52", "product_id": "CSAFPID-1987658" } } ], "category": "product_name", "name": "SAP Supplier Relationship Management (Master Data Management Catalog)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/7.50", "product": { "name": "vers:unknown/7.50", "product_id": "CSAFPID-1989115" } } ], "category": "product_name", "name": "netweaver" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/s4core_103", "product": { "name": "vers:unknown/s4core_103", "product_id": "CSAFPID-1111426" } }, { "category": "product_version_range", "name": "vers:unknown/s4coreop_104", "product": { "name": "vers:unknown/s4coreop_104", "product_id": "CSAFPID-1111430" } }, { "category": "product_version_range", "name": "vers:unknown/s4coreop_105", "product": { "name": "vers:unknown/s4coreop_105", "product_id": "CSAFPID-1111425" } } ], "category": "product_name", "name": "pdce" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-180357", "product_identification_helper": { "cpe": "cpe:2.3:a:sap:sap:-:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "sap" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/108", "product": { "name": "vers:unknown/108", "product_id": "CSAFPID-1111423", "product_identification_helper": { "cpe": "cpe:2.3:a:sap:s4coreop:108:*:*:*:*:*:*:*" } } }, { "category": "product_version_range", "name": "vers:unknown/107", "product": { "name": "vers:unknown/107", "product_id": "CSAFPID-1111422", "product_identification_helper": { "cpe": "cpe:2.3:a:sap:s4coreop:107:*:*:*:*:*:*:*" } } }, { "category": "product_version_range", "name": "vers:unknown/106", "product": { "name": "vers:unknown/106", "product_id": "CSAFPID-1111421", "product_identification_helper": { "cpe": "cpe:2.3:a:sap:s4coreop:106:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "s4coreop" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/s4core_102", "product": { "name": "vers:unknown/s4core_102", "product_id": "CSAFPID-1111412", "product_identification_helper": { "cpe": "cpe:2.3:a:sap_se:sap_pdce:s4core_102:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "sap_pdce" } ], "category": "vendor", "name": "SAP" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-42999", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-42999", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-42999.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "baseScore": 9.1, "baseSeverity": "CRITICAL" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-42999" }, { "cve": "CVE-2025-30018", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "notes": [ { "category": "other", "text": "Improper Restriction of XML External Entity Reference", "title": "CWE-611" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-30018", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30018.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "baseScore": 8.6, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-30018" }, { "cve": "CVE-2025-43010", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code ('Code Injection')" }, "notes": [ { "category": "other", "text": "Improper Control of Generation of Code ('Code Injection')", "title": "CWE-94" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-43010", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-43010.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H", "baseScore": 8.3, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-43010" }, { "cve": "CVE-2025-43000", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "other", "text": "Missing Authorization", "title": "CWE-862" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-43000", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-43000.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L", "baseScore": 7.9, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-43000" }, { "cve": "CVE-2025-43011", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "other", "text": "Missing Authorization", "title": "CWE-862" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-43011", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-43011.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "baseScore": 7.7, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-43011" }, { "cve": "CVE-2024-39592", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "other", "text": "Missing Authorization", "title": "CWE-862" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2024-39592", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39592.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "baseScore": 7.7, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2024-39592" }, { "cve": "CVE-2025-42997", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "other", "text": "Incorrect Permission Assignment for Critical Resource", "title": "CWE-732" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-42997", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-42997.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L", "baseScore": 6.6, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-42997" }, { "cve": "CVE-2025-43003", "cwe": { "id": "CWE-749", "name": "Exposed Dangerous Method or Function" }, "notes": [ { "category": "other", "text": "Exposed Dangerous Method or Function", "title": "CWE-749" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-43003", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-43003.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L", "baseScore": 6.4, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-43003" }, { "cve": "CVE-2025-43009", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "other", "text": "Missing Authorization", "title": "CWE-862" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-43009", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-43009.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseScore": 6.3, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-43009" }, { "cve": "CVE-2025-43007", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "other", "text": "Missing Authorization", "title": "CWE-862" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-43007", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-43007.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseScore": 6.3, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-43007" }, { "cve": "CVE-2025-31329", "cwe": { "id": "CWE-141", "name": "Improper Neutralization of Parameter/Argument Delimiters" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Parameter/Argument Delimiters", "title": "CWE-141" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-31329", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-31329.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N", "baseScore": 6.2, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-31329" }, { "cve": "CVE-2025-43006", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-43006", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-43006.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-43006" }, { "cve": "CVE-2025-43008", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "other", "text": "Missing Authorization", "title": "CWE-862" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-43008", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-43008.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N", "baseScore": 5.8, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-43008" }, { "cve": "CVE-2025-43004", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "other", "text": "Missing Authorization", "title": "CWE-862" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-43004", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-43004.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-43004" }, { "cve": "CVE-2025-26662", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-26662", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26662.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", "baseScore": 4.4, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-26662" }, { "cve": "CVE-2025-43002", "cwe": { "id": "CWE-472", "name": "External Control of Assumed-Immutable Web Parameter" }, "notes": [ { "category": "other", "text": "External Control of Assumed-Immutable Web Parameter", "title": "CWE-472" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-43002", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-43002.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-43002" }, { "cve": "CVE-2025-43005", "cwe": { "id": "CWE-256", "name": "Plaintext Storage of a Password" }, "notes": [ { "category": "other", "text": "Plaintext Storage of a Password", "title": "CWE-256" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-43005", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-43005.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-43005" }, { "cve": "CVE-2025-31324", "cwe": { "id": "CWE-434", "name": "Unrestricted Upload of File with Dangerous Type" }, "notes": [ { "category": "other", "text": "Unrestricted Upload of File with Dangerous Type", "title": "CWE-434" }, { "category": "other", "text": "Improper Authorization", "title": "CWE-285" } ], "product_status": { "known_affected": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] }, "references": [ { "category": "self", "summary": "CVE-2025-31324", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-31324.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "baseScore": 10.0, "baseSeverity": "CRITICAL" }, "products": [ "CSAFPID-2773833", "CSAFPID-1601553", "CSAFPID-2832358", "CSAFPID-2832359", "CSAFPID-2832357", "CSAFPID-2832331", "CSAFPID-1333259", "CSAFPID-2832408", "CSAFPID-1987640", "CSAFPID-2832390", "CSAFPID-2832391", "CSAFPID-2832392", "CSAFPID-2832386", "CSAFPID-2832370", "CSAFPID-2832371", "CSAFPID-2832372", "CSAFPID-2770954", "CSAFPID-2832405", "CSAFPID-2832406", "CSAFPID-2832407", "CSAFPID-2832354", "CSAFPID-2832355", "CSAFPID-2832356", "CSAFPID-2832383", "CSAFPID-2832384", "CSAFPID-2832385", "CSAFPID-2832419", "CSAFPID-2832420", "CSAFPID-2832345", "CSAFPID-2832346", "CSAFPID-2832347", "CSAFPID-2832427", "CSAFPID-2832428", "CSAFPID-2832411", "CSAFPID-1298148", "CSAFPID-2832338", "CSAFPID-1987658", "CSAFPID-1989115", "CSAFPID-1111426", "CSAFPID-1111430", "CSAFPID-1111425", "CSAFPID-180357", "CSAFPID-1111423", "CSAFPID-1111422", "CSAFPID-1111421", "CSAFPID-1111412" ] } ], "title": "CVE-2025-31324" } ] }