216.73.216.133

CVE-2025-66005

· Published 14/01/2026 12:16 · Modified 14/01/2026 16:25

Labels: CVE-2025-66005 2026-01-14CVE-2025-66005CWE-863[email protected]

Essential information

Published
14/01/2026 12:16
Modified
14/01/2026 16:25
Author
Creator
CVSS
8.5 HIGH (v3) 8.5 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
inputplumber / inputplumber cpe:2.3:a:inputplumber:inputplumber:<0.63.0:*:*:*:*:*:*:*

References