CVE-2025-8696

HIGH

ISC Stork 1.0.0-2.3.0 - Unauthenticated Denial of Service via Large Data Input

Title source: llm

Description

If an unauthenticated user sends a large amount of data to the Stork UI, it may cause memory and disk use problems for the system running the Stork server. This issue affects Stork versions 1.0.0 through 2.3.0.

References (2)

Core 2

Core References

Various Sources vendor-advisory

https://kb.isc.org/docs/cve-2025-8696

Mailing List

http://www.openwall.com/lists/oss-security/2025/09/10/5

Scores

CVSS v3 7.5

EPSS 0.0041

EPSS Percentile 32.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-779 CWE-789

Status published

Products (1)

ISC/Stork 1.0.0 - 2.3.0

Published Sep 10, 2025

Tracked Since Feb 18, 2026