Description
Storage Performance Development Kit (SPDK) 25.05 is vulnerable to Buffer Overflow in the NVMe-oF target component in SPDK - lib/nvmf.
References (2)
Core 2
Core References
Various Sources
https://spdk.io/
Scores
CVSS v3
5.5
EPSS
0.0006
EPSS Percentile
19.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-120
Status
published
Products (1)
pypi/spdk
0 - 25.9PyPI
Published
Oct 01, 2025
Tracked Since
Feb 18, 2026