CVE-2025-60889

ANALYSIS PENDING

StellarGroup HPX 1.11.0 - Deserialization

Title source: llm

Description

Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts.

References (3)

Core 3

Core References

http://hpx.com

http://stellargroup.com

https://gist.github.com/TrebledJ/b32fd5c469583493ab50244045c9a6e4

Scores

EPSS 0.0006

EPSS Percentile 18.1%

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

Status published

Published Apr 28, 2026

Tracked Since Apr 28, 2026