{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T13:08:05.322","vulnerabilities":[{"cve":{"id":"CVE-2025-53391","sourceIdentifier":"cve@mitre.org","published":"2025-06-28T22:15:23.600","lastModified":"2025-06-30T18:38:23.493","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"The Debian zuluPolkit\/CMakeLists.txt file for zuluCrypt through the zulucrypt_6.2.0-1 package has insecure PolicyKit allow_any\/allow_inactive\/allow_active settings that allow a local user to escalate their privileges to root."},{"lang":"es","value":"El archivo Debian zuluPolkit\/CMakeLists.txt para zuluCrypt a través del paquete zulucrypt_6.2.0-1 tiene configuraciones inseguras de PolicyKit allow_any\/allow_inactive\/allow_active que permiten a un usuario local escalar sus privilegios a root."}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":6.0}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https:\/\/bugs.debian.org\/1108288","source":"cve@mitre.org"},{"url":"https:\/\/deb.debian.org\/debian\/pool\/main\/z\/zulucrypt\/zulucrypt_6.2.0-1.dsc","source":"cve@mitre.org"},{"url":"https:\/\/salsa.debian.org\/debian\/zulucrypt\/-\/blob\/9d661c9f384c4d889d3387944e14ac70cfb9684b\/debian\/patches\/fix_zulupolkit_policy.patch","source":"cve@mitre.org"},{"url":"https:\/\/bugs.debian.org\/cgi-bin\/bugreport.cgi?bug=1108288","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}}]}