CVE Catalog

CVE-2025-60889

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.51%

40th percentile — higher than 40% of all known CVEs

Summary

Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts.

Risk Assessment

The risk for the organization includes potential system compromise, data theft, or service disruption through remote code execution.

Recommendation

It is recommended to immediately update to the latest version of HPX and implement input validation and sanitization mechanisms before deserialization.

Original NVD description (English source)

Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS