CVE-2025-27911 — MEDIUM (6.5)

Q: How severe is CVE-2025-27911?

CVE-2025-27911 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-27911?

Check the references section above for vendor advisories and patch information. Affected products include: Datalust Seq.

Vulnerability Description

An issue was discovered in Datalust Seq before 2024.3.13545. Expansion of identifiers in message templates can be used to bypass the system "Event body limit bytes" setting, leading to increased resource consumption. With sufficiently large events, there can be disk space exhaustion (if saved to disk) or a termination of the server process with an out-of-memory error.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Datalust	Seq	< 2024.3.13545

Related Weaknesses (CWE)

CWE-770

References

https://datalust.co/seqProduct
https://github.com/datalust/seq-tickets/issues/2365Issue TrackingVendor Advisory

FAQ

What is CVE-2025-27911?

CVE-2025-27911 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An issue was discovered in Datalust Seq before 2024.3.13545. Expansion of identifiers in message templates can be used to bypass the system "Event body limit bytes" setting, leading to increased resou...

How severe is CVE-2025-27911?

CVE-2025-27911 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-27911?

Check the references section above for vendor advisories and patch information. Affected products include: Datalust Seq.