CVE-2025-0001

Medium

Published: 17 February 2025

Published

17 February 2025

Modified

15 April 2026

KEV Added

—

Patch

—

CVSS Score 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS Score 0.0021 43.8th percentile

Risk Priority 13 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-0001 is a medium-severity Absolute Path Traversal (CWE-36) vulnerability in Github (inferred from references). Its CVSS base score is 6.5 (Medium).

Operationally, ranked at the 43.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

NVD Description

Abacus ERP is versions older than 2024.210.16036, 2023.205.15833, 2022.105.15542 are affected by an authenticated arbitrary file read vulnerability.

Deeper analysisAI

Automated synthesis unavailable for this CVE.

Details

CWE(s): CWE-36

Affected Products

Github

—

inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2026-1018Shared CWE-36

CVE-2026-1330Shared CWE-36

CVE-2024-8501Shared CWE-36

CVE-2025-57790Shared CWE-36

CVE-2024-13159Shared CWE-36

CVE-2024-13160Shared CWE-36

CVE-2026-2753Shared CWE-36

CVE-2024-48248Shared CWE-36

CVE-2025-7846Shared CWE-36

CVE-2026-0846Shared CWE-36

References

https://borelenzo.github.io/stuff/2025/02/15/CVE-2025-0001.html
vulnerability@ncsc.ch