CVE-2025-59790

CVE-2025-59790: Apache Kvrocks: RESET command grants admin privileges

Vendor Apache Software Foundation

Product Apache Kvrocks

Weakness CWE-269

Published November 28, 2025

Last update November 28, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Improper Privilege Management vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from v2.9.0 through v2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue.

Key dates

Disclosure timeline

November 28, 2025 CVE published

November 28, 2025 Record updated