CVE-2025-66005

Vulnerability Description

Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session.

Related Weaknesses (CWE)

CWE-863

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-66005
https://security.opensuse.org/2026/01/09/inputplumber-lack-of-dbus-auth.html

FAQ

What is CVE-2025-66005?

CVE-2025-66005 is a documented vulnerability. Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of t...

How severe is CVE-2025-66005?

CVSS scoring is not yet available for CVE-2025-66005. Check NVD for updates.

Is there a patch for CVE-2025-66005?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.