CVE-2025-30188 HIGH

CVE-2025-30188

Vendor Open-Xchange Gmbh
Product OX App Suite
Weakness CWE-400
Published October 31, 2025
Last update October 31, 2025

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Malicious or unintentional API requests can be used to add significant amount of data to caches. Caches may evict information that is required to operate the web frontend, which leads to unavailability of the component. Please deploy the provided updates and patch releases. No publicly available exploits are known

Key dates

02Disclosure timeline

October 31, 2025 CVE published
October 31, 2025 Record updated