How severe is CVE-2025-2887?

This vulnerability has a severity rating of MEDIUM with a CVSS score of N/A out of 10.

What type of vulnerability is CVE-2025-2887?

This is classified as CWE-1025, which is a common weakness in software security.

CVE-2025-2887

MEDIUM Year: 2025

Weakness Type

CWE-1025

View all →

Vulnerability Description

During a target rollback, the client fails to detect the rollback for delegated targets. This could cause the client to fetch a target from an incorrect source, altering the target contents. Users should upgrade to tough version 0.20.0 or later and ensure any forked or derivative code is patched to incorporate the new fixes.

CVE-2025-32464

MEDIUM

CVSS:6.8(Medium)

HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer on...

CWE-10252025

CVE-2024-20342

MEDIUM

CVSS:5.8(Medium)

Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate lim...

CWE-10252024

CVE-2025-27839

LOW

CVSS:3.2(Low)

operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation (genuineness check) that causes verification results to be disregar...

CWE-10252025

CVE-2025-2888

MEDIUM

During a snapshot rollback, the client incorrectly caches the timestamp metadata. If the client checks the cache when attempting to perform the next update, the update timestamp validation will fail, ...

CWE-10252025

CVE-2025-2887

Vulnerability Description

Related Vulnerabilities

CVE-2025-32464

CVE-2024-20342

CVE-2025-27839

CVE-2025-2888