CVE-2025-60889

EUVD-2025-209583
Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
Affected Products (NVD)
VendorProductVersion
stellar-grouphpx
𝑥
≤ 1.11.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://hpx.com
http://stellargroup.com
https://gist.github.com/TrebledJ/b32fd5c469583493ab50244045c9a6e4
https://gist.github.com/TrebledJ/b32fd5c469583493ab50244045c9a6e4