CVE-2025-31176 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.2 MEDIUM	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
redhat	CNA	6.2 MEDIUM	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 3%

Vendor	Product	Version
gnuplot	gnuplot	𝑥 < 6.0.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

gnuplot

bullseye	unimportant
bookworm	unimportant
trixie	unimportant
forky	unimportant
sid	unimportant

Ubuntu Releases

Ubuntu Product

Codename

gnuplot

plucky	deferred
oracular	ignored
noble	deferred
jammy	deferred
focal	deferred
bionic	deferred
xenial	deferred
trusty	deferred

Common Weakness Enumeration

CWE-476 - NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

References

https://access.redhat.com/security/cve/CVE-2025-31176

https://bugzilla.redhat.com/show_bug.cgi?id=2355343