216.73.217.50

CVE-2025-35436

· Published 17/09/2025 17:15 · Modified 18/09/2025 13:43

Labels: CVE-2025-35436 2025-09-179119a7d8-5eab-497f-8521-727c672e3725CVE-2025-35436CWE-248

Essential information

Published
17/09/2025 17:15
Modified
18/09/2025 13:43
Author
Creator
CVSS
6.9 MEDIUM (v3) 6.9 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

CISA Thorium uses '.unwrap()' to handle errors related to account verification email messages. An unauthenticated remote attacker could cause a crash by providing a specially crafted email address or response. Fixed in commit 6a65a27.

NVD status

Status
Undergoing Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
9119a7d8-5eab-497f-8521-727c672e3725
NVD
View on NVD

Affected products (CPE)

ProductCPE
cisa / thorium cpe:2.3:a:cisa:thorium:*:*:*:*:*:*:*:*

References