CVE-2025-5088EPSS p23.9%

CVE-2025-5088CVE-2025-5088

Description

An authenticated Redis session could be used to obtain full root access to all servers in the CVX cluster. Note that this would require an attacker to have both network access to the Redis service on a CVX server and the Redis password. Please note that all Redis communication, including authentication, occurs over plaintext in the present day. TLS support is tracked under RFE1294850.

Scoring

CVSS 8.3 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
EPSS0.32% probability of exploitation · percentile 23.9% · 2026-06-19T12:03:05Z
Last modified2026-06-05

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-59271
CVE
CVE-2025-5090
CVE
CVE-2025-9364
CVE
CVE-2025-5089
CVE
CVE-2025-59461
CVE
CVE-2026-35085
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.