CVE-2025-54471 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-54471 PUBLISHED CVSS 6.5 MEDIUM

NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data.

EPSS 0.04% · 10.6th percentile

Risk Scores

CVSS v3.1

6.5

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS Score

0.04%

10.6th percentile

Affected Products

Vendor	Product	Versions
github.com	neuvector/neuvector	5.3.0, 0.0.0-20230727023453-1c4957d53911
SUSE	neuvector	5.3.0, 0.0.0-20230727023453-1c4957d53911

Timeline

Oct 21, 2025 CVE Published
Oct 30, 2025 CVE Updated
Oct 30, 2025 EPSS Score
Oct 30, 2025 Coalition ESS Score
Oct 30, 2025 Coalition ESS Score
Oct 30, 2025 PoC Published
Oct 31, 2025 Coalition ESS Score
Nov 4, 2025 EPSS Score
Nov 6, 2025 Coalition ESS Score
Nov 9, 2025 EPSS Score
Nov 14, 2025 EPSS Score
Nov 19, 2025 EPSS Score

References

Open in Interactive Console →