CVE-2025-9287

9.1 CRITICAL

Published: August 20, 2025 Modified: November 03, 2025

Description

Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4.

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Patch Vendor Advisory Exploit Third Party Advisory

Source: 7ffcee3d-2c14-4c3e-b844-86c6a321a158

Issue Tracking Patch

Source: 7ffcee3d-2c14-4c3e-b844-86c6a321a158

Exploit Vendor Advisory

Source: af854a3a-2127-422b-91ae-364da2661108

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Exploit Vendor Advisory

4 reference(s) from NVD

CVSS v3 Score

9.1 / 10.0

EPSS (Exploit Probability)

0.2%

41th percentile

Exploitation Status

Not in CISA KEV

CWE-20

browserify