CVE-2025-65637

HIGH

logrus < 1.8.3 - Denial of Service via Large Single-Line Payload

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-65637. PoCs published by adminlove520, mjuanxd.

AI-analyzed exploit summary

This repository contains functional proof-of-concept code demonstrating a denial-of-service vulnerability in `github.com/sirupsen/logrus` versions < 1.8.3, 1.9.0, and 1.9.2. The vulnerability occurs when `logrus.Writer()` processes a single-line payload larger than 64KB without newlines, causing the writer to fail and become unusable.

Description

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving Writer() unusable and causing application unavailability (DoS). This affects versions < 1.8.3, 1.9.0, and 1.9.2. The issue is fixed in 1.8.3, 1.9.1, and 1.9.3+, where the input is chunked and the writer continues to function even if an error is logged.
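As an added illustration of the mechanism described above (example code written for this page, not logrus's own implementation): a simplified stand-in for the Entry.Writer() pipe pattern is drained first with bufio.Scanner, which gives up on a line longer than its 64 KiB token limit and leaves the writer dead, and then with a chunking reader in the spirit of the fixed versions. The function names and the choice of bufio.Reader.ReadLine for chunking are assumptions of this example, not the exact code of the fix.

```go
package main

import (
	"bufio"
	"bytes"
	"io"
)

// scanLines drains r with bufio.Scanner (the pre-fix approach). A line longer
// than bufio.MaxScanTokenSize (64 KiB) stops Scan() with bufio.ErrTooLong.
func scanLines(r io.Reader) (int, error) {
	sc := bufio.NewScanner(r)
	lines := 0
	for sc.Scan() {
		lines++
	}
	return lines, sc.Err()
}

// chunkLines drains r with bufio.Reader.ReadLine, which returns an over-long
// line in buffer-sized chunks (each its own record) instead of failing.
func chunkLines(r io.Reader) (int, error) {
	br := bufio.NewReaderSize(r, bufio.MaxScanTokenSize)
	records := 0
	for {
		if _, _, err := br.ReadLine(); err == io.EOF {
			return records, nil
		} else if err != nil {
			return records, err
		}
		records++
	}
}

// newLineWriter mimics the Entry.Writer() pipe pattern (simplified stand-in, not
// logrus code): once drain returns, the read end is closed and later writes fail.
func newLineWriter(drain func(io.Reader) (int, error)) io.WriteCloser {
	pr, pw := io.Pipe()
	go func() { _, err := drain(pr); pr.CloseWithError(err) }()
	return pw
}

// tryLogging sends a constructed 70 000-byte line without newline, then a normal line; true if the normal write succeeded.
func tryLogging(drain func(io.Reader) (int, error)) bool {
	w := newLineWriter(drain)
	defer w.Close()
	w.Write(bytes.Repeat([]byte("A"), 70_000)) // exceeds the 64 KiB limit
	_, err := w.Write([]byte("still alive\n"))
	return err == nil
}
```

tryLogging(scanLines) returns false because the drain goroutine exits on ErrTooLong and closes the pipe, which is the "writer unusable" state; tryLogging(chunkLines) returns true because the over-long line is consumed in two chunks and the sink keeps reading.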

Exploits (2)

github WORKING POC 2 stars
by adminlove520 · pythonpoc
https://github.com/adminlove520/CVE-Poc_All_in_One/tree/main/2025/CVE-2025-65637

This repository contains functional proof-of-concept code demonstrating a denial-of-service vulnerability in `github.com/sirupsen/logrus` versions < 1.8.3, 1.9.0, and 1.9.2. The vulnerability occurs when `logrus.Writer()` processes a single-line payload larger than 64KB without newlines, causing the writer to fail and become unusable.

Classification
Working PoC 100%
Attack Type
DoS
Complexity
Trivial
Reliability
Reliable
Target: github.com/sirupsen/logrus < 1.8.3, 1.9.0, 1.9.2
No auth needed
Prerequisites: Go environment · vulnerable version of logrus
devstral-2 · analyzed Feb 27, 2026
nomisec WORKING POC 1 star
by mjuanxd · poc
https://github.com/mjuanxd/logrus-dos-poc

This repository contains a working proof-of-concept for CVE-2025-65637, a denial-of-service vulnerability in logrus where writing a single-line payload larger than 64KB without newlines causes the Writer() to fail and become unusable.

Classification
Working PoC 100%
Attack Type
DoS
Complexity
Trivial
Reliability
Reliable
Target: github.com/sirupsen/logrus versions < 1.8.3, 1.9.0, and 1.9.2
No auth needed
Prerequisites: Access to a system using an affected version of logrus · Ability to write a large single-line payload to logrus.Writer()
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 7.5
EPSS 0.0006
EPSS Percentile 17.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-400
Status published
Products (4)
sirupsen/logrus 0 - 1.8.3 (Go)
turbopuffer/logrus 1.9.0
turbopuffer/logrus 1.9.2
turbopuffer/logrus < 1.8.3
Published Dec 04, 2025
Tracked Since Feb 18, 2026