Vulnerability Database

318,389

Total vulnerabilities in the database

CVE-2025-30189

When cache is enabled, some passdb/userdb drivers incorrectly cache all users with same cache key, causing wrong cached information to be used for these users. After cached login, all subsequent logins are for same user. Install fixed version or disable caching either globally or for the impacted passdb/userdb drivers. No publicly available exploits are known.

Published: Oct 31, 2025
Updated: Nov 4, 2025
CVE: CVE-2025-30189
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.4
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWEs:

CWE-1250

Affected Software
References

No affected software listed.

http://seclists.org/fulldisclosure/2025/Oct/29
http://www.openwall.com/lists/oss-security/2025/10/29/4
https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2025/oxdc-adv-2025-0001.json

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo