CVE-2025-8696 HIGH

CVE-2025-8696: DoS attack against the Stork UI from an unauthenticated user

Vendor Isc
Product Stork
Weakness CWE-789
Published September 10, 2025
Last update November 4, 2025

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

If an unauthenticated user sends a large amount of data to the Stork UI, it may cause memory and disk use problems for the system running the Stork server. This issue affects Stork versions 1.0.0 through 2.3.0.

Key dates

02Disclosure timeline

September 10, 2025 CVE published
November 4, 2025 Record updated