CVE-2025-66001 · HIGH 8.8 · EPSS p23.7%

CVE-2025-66001

Description

NeuVector supports login authentication through OpenID Connect. However, the TLS verification (which verifies the remote server's authenticity and integrity) for OpenID Connect is not enforced by default. As a result, this may expose the system to man-in-the-middle (MITM) attacks.

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 0.32% probability of exploitation · percentile 23.7% · 2026-06-18T12:00:27Z
Published: 2026-01-08
Last modified: 2026-04-15

Underlying weaknesses · 1

CWE-295

References

  1. https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-66001
  2. https://github.com/neuvector/neuvector/security/advisories/GHSA-4jj9-cgqc-x9h5

Type | Target | Confidence | Tier
Weakness | Improper Certificate Validation cwe-295 | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2025-54470
  2. CVE-2025-8077
  3. CVE-2025-11619
  4. CVE-2025-68637
  5. CVE-2025-9293
  6. CVE-2025-11366

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.