CVE-2025-11026

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-11026

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-11026.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-11026

Published

2025-09-26T15:16:02.967Z

Modified

2025-11-20T12:32:21.840409Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

A vulnerability was determined in givanz Vvveb up to 1.0.7.2. Affected by this vulnerability is an unknown functionality of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. Once again the project maintainer reacted very professional: "I accept the existence of these vulnerabilities. (...) I fixed the code to remove these vulnerabilities and will push the code to github and make a new release."

References

Affected packages

Git / github.com/givanz/vvveb

Affected ranges

Type: GIT
Repo: https://github.com/givanz/vvveb
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

1dda8026605a592dc3018bfa12f5a4307014e227

Affected versions

1.*

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.0.7.1

1.0.7.2