Vulnerability Database

318,637

Total vulnerabilities in the database

CVE-2025-62784

InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions before 1.6.5 contain a vulnerability where any plugin using a GUI with the GuiStorageElement and allows taking out items out of that element can allow item duplication when the experimental Bundle item feature is enabled on the server. The vulnerability is resolved in version 1.6.5.

Published: Oct 28, 2025
Updated: Jan 19, 2026
CVE: CVE-2025-62784
GHSA: GHSA-7whh-79j3-7c55
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWEs:

CWE-837

Affected Software
References

Software	From	Fixed in
de.themoep / inventorygui	-	1.6.5
phoenix616 / inventorygui	-	1.6.5

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo