CVE Catalog
CVE-2025-61020
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.48%
38th percentile — higher than 38% of all known CVEs
Summary
An issue in the sqlo_strip_in_join component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
Risk Assessment
An attacker can remotely crash the database server, disrupting applications relying on Virtuoso and potentially causing financial losses.
Recommendation
Immediately update openlink virtuoso-opensource to the latest available version that includes a fix for this vulnerability.
Original NVD description (English source)
An issue in the sqlo_strip_in_join component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

