Question 1

What is CVE-2025-27511 — CVE-2025-27511?

Accepted Answer

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to version 2.27.0 of the GeoServer DB2 DataStore Extension, an administrator can perform a JNDI attack through specially crafted DB2 jdbc url leading to to Remote Code Execution (RCE).

Question 2

What is the authoritative source for CVE-2025-27511?

Accepted Answer

CVE-2025-27511 (CVE-2025-27511) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	7.2 ()
Vector	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Last modified	2026-06-18

CVE-2025-27511CVE-2025-27511

Description

Scoring