CVE-2025-37178 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-37178 PUBLISHED CVSS 5.300000190734863 MEDIUM

Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for handling certain data buffers. Due to insufficient validation of maximum buffer size values, the process may attempt to read beyond the intended memory region. Under specific conditions, this can result in a crash of the affected process and a potential denial-of-service of the compromised process.

EPSS 0.06% · 19.5th percentile

Risk Scores

CVSS v3.1

5.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS Score

0.06%

19.5th percentile

Affected Products

Vendor	Product	Versions
arubanetworks	arubaos	8.6.0.0, 8.11.0.0
Hewlett Packard Enterprise (HPE)	ArubaOS (AOS)	8.12.0.0, 8.10.0.0

Timeline

Jan 13, 2026 CVE Published
Jan 13, 2026 CVE Updated
Jan 14, 2026 EPSS Score
Jan 16, 2026 EPSS Score
Jan 19, 2026 EPSS Score
Jan 21, 2026 EPSS Score
Jan 24, 2026 EPSS Score
Jan 26, 2026 EPSS Score
Jan 28, 2026 EPSS Score
Jan 31, 2026 EPSS Score
Feb 2, 2026 EPSS Score
Feb 5, 2026 EPSS Score

References

Open in Interactive Console →