CVE-2025-40760 — Vulnetix

CVE-2025-40760 PUBLISHED CVSS 5.5 MEDIUM

A vulnerability has been identified in Altair Grid Engine (All versions < V2026.0.0). Affected products do not properly handle error messages and discloses sensitive password hash information when processing user authentication requests. This could allow a local attacker to extract password hashes for privileged accounts, which can then be subjected to offline brute-force attacks.

EPSS 0.02% · 3.2th percentile

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS Score

0.02%

3.2th percentile

Affected Products

Vendor	Product	Versions
Siemens	Altair Grid Engine	0

Timeline

Nov 11, 2025 CVE Published
Nov 11, 2025 PoC Published
Nov 12, 2025 EPSS Score
Nov 13, 2025 PoC Published
Nov 17, 2025 EPSS Score
Nov 22, 2025 EPSS Score
Nov 27, 2025 EPSS Score
Dec 2, 2025 EPSS Score
Dec 8, 2025 EPSS Score
Dec 13, 2025 EPSS Score
Dec 18, 2025 EPSS Score
Dec 23, 2025 EPSS Score

References

https://cert-portal.siemens.com/productcert/html/ssa-514895.html url
https://nvd.nist.gov/vuln/detail/CVE-2025-40760 advisory

Open in Interactive Console →