Vulnerability Description
Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Stellar-Group | Hpx | <= 1.11.0 |
Related Weaknesses (CWE)
References
- http://hpx.comNot Applicable
- http://stellargroup.comNot Applicable
- https://gist.github.com/TrebledJ/b32fd5c469583493ab50244045c9a6e4ExploitThird Party Advisory
- https://gist.github.com/TrebledJ/b32fd5c469583493ab50244045c9a6e4ExploitThird Party Advisory
FAQ
What is CVE-2025-60889?
CVE-2025-60889 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts.
How severe is CVE-2025-60889?
CVE-2025-60889 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-60889?
Check the references section above for vendor advisories and patch information. Affected products include: Stellar-Group Hpx.