MEDIUM CVE

CVE-2025-31125

CVE security information and ecosystem impact

5.3 CVSS

n/a EPSS

42 Affected Tools

No KEV Listed

Description

No CVE description is available yet.

Ecosystem Response

37 Tracked

35 Patched

2 Unpatched

35 of 37 affected tools have patched.

Affected Tools

Tool	Affected Package or Release	Patched In
Cosmos-Server	v0.22.15 [email protected]	v0.22.16
tunarr	v1.2.18 [email protected]	v1.2.19
honey	v2.5.0 [email protected]	Unknown
genkit	go/v1.8.0 [email protected]	v1.34.0
umbrel	1.7.3 [email protected]	Unknown
heyform	v3.0.0-rc.7 [email protected]	v3.0.0-rc.8
hoodik	v1.15.2 [email protected]	v1.15.3
ryot	v10.3.13 [email protected]	Unknown
pastefy	7.2.2 [email protected]	7.2.3
invoiceninja	v5.13.22 [email protected]	Unknown
liveblocks	v3.19.0 [email protected]	v3.19.1
mathesar	0.11.0 [email protected]	Unknown
mem0	v2.0.2 [email protected]	ts-v3.0.3
anything-llm	v1.13.0 [email protected]	Unknown
tianji	v1.31.24 [email protected]	v1.31.25
NextExplorer	v2.2.4 [email protected]	Unknown
stump	v0.1.3 [email protected]	v0.1.4
survey-library	v2.5.25 [email protected]	v3.0.0-beta.4
usertour	v0.7.2 [email protected]	v0.7.3
yugabyte-db	v2025.2.3.0 [email protected]	v2025.2.3.1
WatchYourLAN	[email protected]	Unknown
automatisch	[email protected]	Unknown
bigcapital	[email protected]	Unknown
bknd	[email protected]	Unknown
blinko	[email protected]	Unknown
enclosed	[email protected]	Unknown
Deepfence ThreatMapper	[email protected]	Unknown
IRIS	[email protected]	Unknown
drivebase	[email protected]	v4.0.0
eventcatalog	[email protected]	Unknown
Flowise	[email protected]	Unknown
Hi.Events	[email protected]	Unknown
omni-tools	[email protected]	Unknown
investbrain	[email protected]	Unknown
url-to-png	[email protected]	Unknown
OmniPoly	[email protected]	Unknown
lowcoder	[email protected]	Unknown
manifest	[email protected]	Unknown
checkcle	[email protected]	Unknown
operational.co	[email protected]	Unknown
moodist	[email protected]	Unknown
cup	[email protected]	Unknown

Dates

Published: 2025-03-31
Modified: 2026-05-06

CVSS Breakdown

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None