Vulnerability Database

308,918

Total vulnerabilities in the database

CVE-2025-54471

NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data.

Published: Oct 21, 2025
Updated: Nov 17, 2025
CVE: CVE-2025-54471
GHSA: GHSA-h773-7gf7-9m2x
Severity: Medium
Exploit:

CVSS v3:

Severity: Unknown
Score:
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-321

Affected Software
References

Software	From	Fixed in
github.com/neuvector/neuvector	5.3.0	5.4.7
github.com/neuvector/neuvector	0.0.0-20230727023453-1c4957d53911	0.0.0-20251020133207-084a437033b4

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54471
https://github.com/neuvector/neuvector/commit/084a437033b491eeea11bdba1a09dd84ed12ea88
https://github.com/neuvector/neuvector/security/advisories/GHSA-h773-7gf7-9m2x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo