CVE-2025-10975
MEDIUM
GuanxingLu <31abc0baf53ef8f5db666a1c882e1ea64def2997 - SSRF
Title source: llm
Description
A vulnerability was found in GuanxingLu vlarl up to 31abc0baf53ef8f5db666a1c882e1ea64def2997. This vulnerability affects the function experiments.robot.bridge.reasoning_server::run_reasoning_server of the file experiments/robot/bridge/reasoning_server.py of the component ZeroMQ. Performing manipulation of the argument Message results in deserialization. Remote exploitation of the attack is possible. The exploit has been made public and could be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided.
References (5)
Core References
https://vuldb.com/?id.325846 (Permissions Required, VDB Entry; vdb-entry, technical-description)
https://vuldb.com/?ctiid.325846 (Permissions Required, VDB Entry; signature, permissions-required)
https://vuldb.com/?submit.653279 (Permissions Required, VDB Entry; third-party-advisory)
https://github.com/GuanxingLu/vlarl/issues/18 (Issue Tracking; issue-tracking)
https://github.com/GuanxingLu/vlarl/issues/18#issue-3408978610 (Issue Tracking; exploit, issue-tracking)
Scores
CVSS v3: 6.3
EPSS: 0.0028
EPSS Percentile: 19.7%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: no
Technical Impact: partial
Details
CWE: CWE-20, CWE-502
Status: published
Products (1): GuanxingLu/vlarl 31abc0baf53ef8f5db666a1c882e1ea64def2997
Published: Sep 25, 2025
Tracked Since: Feb 18, 2026