{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T14:50:58.117","vulnerabilities":[{"cve":{"id":"CVE-2025-32788","sourceIdentifier":"security-advisories@github.com","published":"2025-04-22T18:15:59.630","lastModified":"2025-06-27T15:40:23.867","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass the login redirect and directly access the rendered HTML of certain frontend pages. The primary risk lies in potential future modifications to the codebase that might incorrectly rely on the vulnerable internal functions for authentication checks, leading to security vulnerabilities. This issue has been patched in version 1.11.0."},{"lang":"es","value":"OctoPrint proporciona una interfaz web para controlar impresoras 3D de consumo. En versiones hasta la 1.10.3 (incluida), OctoPrint presenta una vulnerabilidad que permite a un atacante eludir la redirección de inicio de sesión y acceder directamente al HTML renderizado de ciertas páginas frontend. El principal riesgo reside en posibles modificaciones futuras del código base que podrían basarse incorrectamente en las funciones internas vulnerables para las comprobaciones de autenticación, lo que generaría vulnerabilidades de seguridad. Este problema se ha corregido en la versión 1.11.0."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-290"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:octoprint:octoprint:*:*:*:*:*:*:*:*","versionEndExcluding":"1.11.0","matchCriteriaId":"251E030A-D22B-4103-A355-257D00953C7E"}]}]}],"references":[{"url":"https://github.com/OctoPrint/OctoPrint/commit/41ff431014edfa18ca1a01897b10463934dc7fc2","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/OctoPrint/OctoPrint/security/advisories/GHSA-qw93-h6pf-226x","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}