CVE Catalog

CVE-2025-61028

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.48%

38th percentile — higher than 38% of all known CVEs

Summary

An issue in the time_t_to_dt component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Risk Assessment

An attacker can remotely cause the database system to become unavailable, disrupting applications and services relying on Virtuoso.

Recommendation

Immediately update openlink virtuoso-opensource to the latest available version that includes a fix for this vulnerability.

Original NVD description (English source)

An issue in the time_t_to_dt component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS