CVE-2025-41646CRITICAL 9.8EPSS p98.4%

CVE-2025-41646CVE-2025-41646

Description

An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion. This leads to full compromise of the device

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS39.18% probability of exploitation · percentile 98.4% · 2026-06-18T12:00:27Z
Published2025-06-06
Last modified2025-06-10

Underlying weaknesses· 1

CWE-704

References

  1. https://psirt.kunbus.com/.well-known/csaf/white/2025/kunbus-2025-0000003.json
  2. https://www.kunbus.com/en/productsecurity/Kunbus-2025-0000003

1

TypeTargetConfidenceTier
WeaknessIncorrect Type Conversion or Castcwe-7040%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-25270
CVE
CVE-2025-41651
CVE
CVE-2025-41652
CVE
CVE-2025-41726
CVE
CVE-2025-0593
CVE
CVE-2025-41730
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.