CVE-2025-8696

HIGH

Stork <2.3.0 - Info Disclosure

Title source: llm

Description

If an unauthenticated user sends a large amount of data to the Stork UI, it may cause memory and disk use problems for the system running the Stork server. This issue affects Stork versions 1.0.0 through 2.3.0.

References (2)

[Various Sources] https://kb.isc.org/docs/cve-2025-8696

[Mailing List] http://www.openwall.com/lists/oss-security/2025/09/10/5

Scores

CVSS v3 7.5

EPSS 0.0012

EPSS Percentile 31.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-779 CWE-789

Status published

Products (1)

ISC/Stork 1.0.0 - 2.3.0

Published Sep 10, 2025

Tracked Since Feb 18, 2026