CVE-2025-54351CRITICAL 10.0EPSS p30.0%

CVE-2025-54351CVE-2025-54351

Description

In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv).

Scoring

CVSS 3.110.0 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS0.38% probability of exploitation · percentile 30.0% · 2026-06-18T12:00:27Z
Published2025-08-03
Last modified2025-10-17

Underlying weaknesses· 1

CWE-420

References

  1. https://github.com/esnet/iperf/commit/969b7f70c447513e92c9798f22e82b40ebc53bf0
  2. https://github.com/esnet/iperf/releases/tag/3.19.1

1

TypeTargetConfidenceTier
WeaknessUnprotected Alternate Channelcwe-4200%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-54349
CVE
CVE-2025-68615
CVE
CVE-2025-43973
CVE
CVE-2025-1675
CVE
CVE-2026-25259
CVE
CVE-2025-47372
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.