CVE-2025-41646

Critical

An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion.…

CERTVDE·CWE-704·Published 2025-06-06

CVSS

9.8

EPSS

0.39

KEV

Exploits

cve.orgen

180 chars

An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion. This leads to full compromise of the device

NVDen

180 chars

An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion. This leads to full compromise of the device

NVDes

213 chars

Un atacante remoto no autorizado puede eludir la autenticación del paquete de software afectado mediante el uso indebido de una conversión de tipo incorrecta. Esto conlleva la vulnerabilidad total del dispositivo.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H