CVE-2025-10458

HIGH

Product Name - Info Disclosure

Title source: llm

Description

Parameters are not validated or sanitized, and are later used in various internal operations.

References (1)

Scores

CVSS v3 7.6
EPSS 0.0002
EPSS Percentile 5.8%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Classification

CWE
CWE-130
Status published

Affected Products (1)

zephyrproject/zephyr < 4.1.0

Timeline

Published Sep 19, 2025
Tracked Since Feb 18, 2026