CVE-2025-57275
MEDIUMSPDK < 25.9 - Buffer Overflow in NVMe-oF Target Component
Title source: llmDescription
Storage Performance Development Kit (SPDK) 25.05 is vulnerable to Buffer Overflow in the NVMe-oF target component in SPDK - lib/nvmf.
References (2)
Core 2
Core References
Various Sources
https://spdk.io/
Scores
CVSS v3
5.5
EPSS
0.0030
EPSS Percentile
21.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-120
Status
published
Products (1)
pypi/spdk
0 - 25.9PyPI
Published
Oct 01, 2025
Tracked Since
Feb 18, 2026