CVE-2025-45766

poco v1.14.1-release was discovered to contain weak encryption.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
mitreCNA
---
---
CISA-ADPADP
7 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
poco
bullseye
undetermined
bullseye (security)
undetermined
bookworm
undetermined
trixie
undetermined
sid
undetermined
Common Weakness Enumeration
References
https://gist.github.com/ZupeiNie/9de26f17a5e135b50fa388999e912c42
https://github.com/pocoproject
https://github.com/pocoproject/poco