CVE-2025-61680

Vulnerability Description

Minecraft RCON Terminal is a VS Code extension that streamlines Minecraft server management. Versions 0.1.0 through 2.0.6 stores passwords using VS Code's configuration API which writes to settings.json in plaintext. This issue is fixed in version 2.1.0.

Related Weaknesses (CWE)

CWE-256

References

https://github.com/jaketcooper/Minecraft-rcon/commit/31272b541482d095d1578855c2b
https://github.com/jaketcooper/Minecraft-rcon/releases/tag/2.1.0
https://github.com/jaketcooper/Minecraft-rcon/security/advisories/GHSA-4m33-hxqw

FAQ

What is CVE-2025-61680?

CVE-2025-61680 is a documented vulnerability. Minecraft RCON Terminal is a VS Code extension that streamlines Minecraft server management. Versions 0.1.0 through 2.0.6 stores passwords using VS Code's configuration API which writes to settings.js...

How severe is CVE-2025-61680?

CVSS scoring is not yet available for CVE-2025-61680. Check NVD for updates.

Is there a patch for CVE-2025-61680?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.