CVE-2025-46171

July 23, 2025 invoker category_cve

CVE Details

Basic Information

Title CVE-2025-46171
Type cve
Published 2025-07-23T16:15:26
Last Seen 2025-07-23T16:22:37
Modified 2025-07-23T16:15:26

CVSS Information

Base Score 5.4 (MEDIUM)
Attack Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

AI Analysis

AI Description vBulletin 3.8.7 is vulnerable to a denial-of-service condition via the buddylist endpoint. Authenticated users with large buddy lists can cause excessive memory consumption, leading to service unavailability.
AI Severity Medium
AI Vendor vBulletin Solutions
AI Product vBulletin
AI Version 3.8.7

Additional Information

CVE List CVE-2025-46171
CWE List CWE-400
Bulletin Family cve

Description

vBulletin 3.8.7 is vulnerable to a denial-of-service condition via the misc.php?do=buddylist endpoint. If an authenticated user has a sufficiently large buddy list, processing the list can consume excessive memory, exhausting…

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.