Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-656h-mks2-6yaw
Vulnerability ID VCID-656h-mks2-6yaw
Aliases CVE-2022-3525
GHSA-cv9g-h8mm-xx5h
Summary Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-502 Deserialization of Untrusted Data
System Score Found at
epss 5e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-3525
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-cv9g-h8mm-xx5h
cvssv3 9 https://github.com/librenms/librenms/commit/ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948
cvssv3.1 8.8 https://github.com/librenms/librenms/commit/ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948
generic_textual HIGH https://github.com/librenms/librenms/commit/ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948
ssvc Track* https://github.com/librenms/librenms/commit/ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948
cvssv3 9 https://huntr.dev/bounties/ed048e8d-87af-440a-a91f-be1e65a40330
cvssv3.1 8.8 https://huntr.dev/bounties/ed048e8d-87af-440a-a91f-be1e65a40330
generic_textual HIGH https://huntr.dev/bounties/ed048e8d-87af-440a-a91f-be1e65a40330
ssvc Track* https://huntr.dev/bounties/ed048e8d-87af-440a-a91f-be1e65a40330
cvssv3.1 8.8 https://nvd.nist.gov/vuln/detail/CVE-2022-3525
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2022-3525
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2022-3525
ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948 https://github.com/librenms/librenms/commit/ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948
CVE-2022-3525 https://nvd.nist.gov/vuln/detail/CVE-2022-3525
ed048e8d-87af-440a-a91f-be1e65a40330 https://huntr.dev/bounties/ed048e8d-87af-440a-a91f-be1e65a40330
GHSA-cv9g-h8mm-xx5h https://github.com/advisories/GHSA-cv9g-h8mm-xx5h
No exploits are available.
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H Found at https://github.com/librenms/librenms/commit/ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/librenms/librenms/commit/ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-24T20:14:43Z/ Found at https://github.com/librenms/librenms/commit/ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H Found at https://huntr.dev/bounties/ed048e8d-87af-440a-a91f-be1e65a40330
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://huntr.dev/bounties/ed048e8d-87af-440a-a91f-be1e65a40330
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-24T20:14:43Z/ Found at https://huntr.dev/bounties/ed048e8d-87af-440a-a91f-be1e65a40330
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-3525
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.00303
EPSS Score 5e-05
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T17:41:50.288438+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2022/3xxx/CVE-2022-3525.json 38.6.0