216.73.216.133

CVE-2025-66001

· Published 08/01/2026 11:15 · Modified 08/01/2026 18:08

Labels: CVE-2025-66001 2026-01-08CVE-2025-66001CWE-295[email protected]

Essential information

Published
08/01/2026 11:15
Modified
08/01/2026 18:08
Author
Creator
CVSS
8.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS metrics

Description

NeuVector supports login authentication through OpenID Connect. However, the TLS verification (which verifies the remote server's authenticity and integrity) for OpenID Connect is not enforced by default. As a result this may expose the system to man-in-the-middle (MITM) attacks.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
neuvector / neuvector cpe:2.3:a:neuvector:neuvector:*:*:*:*:*:*:*:*

References