{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T15:19:03.347","vulnerabilities":[{"cve":{"id":"CVE-2025-10461","sourceIdentifier":"10de8ef9-5c89-4b17-8228-e97b74acf4bd","published":"2026-03-16T14:17:53.620","lastModified":"2026-03-27T09:16:17.050","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker (filesystem modules) allows file access.\n\n\n\nThis issue affects\n\nsmartLink SW-HT: through 1.42\n\nsmartLink SW-PN: through 1.03."},{"lang":"es","value":"Lecturas globales de archivos causadas por comprobaciones de URL incorrectas en el servidor web en smartLinks de Softing Industrial Automation GmbH en docker (módulos del sistema de archivos) permiten el acceso a archivos.\n\nEste problema afecta a\n\nsmartLink SW-HT: hasta la versión 1.42\n\nsmartLink SW-PN: hasta la versión 1.03."}],"metrics":{"cvssMetricV40":[{"source":"10de8ef9-5c89-4b17-8228-e97b74acf4bd","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:L/U:Green","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"AUTOMATIC","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"LOW","providerUrgency":"GREEN"}}]},"weaknesses":[{"source":"10de8ef9-5c89-4b17-8228-e97b74acf4bd","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"references":[{"url":"https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10461.html","source":"10de8ef9-5c89-4b17-8228-e97b74acf4bd"},{"url":"https://industrial.softing.com/fileadmin/psirt/downloads/2025/CVE-2025-10461.json","source":"10de8ef9-5c89-4b17-8228-e97b74acf4bd"}]}}]}