CVE-2025-62235
Essential information
- Published
- 10/01/2026 10:15
- Modified
- 10/01/2026 10:15
- Author
- —
- Creator
- —
- CISA KEV
- No
- CWE
- —
- CVSS vector
- — — —
Description
Authentication Bypass by Spoofing vulnerability in Apache NimBLE.
Receiving specially crafted Security Request could lead to removal of original bond and re-bond with impostor.
This issue affects Apache NimBLE: through 1.8.0.
Users are recommended to upgrade to version 1.9.0, which fixes the issue.
NVD status
- Status
- Received — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- [email protected]
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| apache / nimble | cpe:2.3:a:apache:nimble:<1.8.0:*:*:*:*:*:*:* |