{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T13:03:00.520","vulnerabilities":[{"cve":{"id":"CVE-2025-5791","sourceIdentifier":"secalert@redhat.com","published":"2025-06-06T14:15:23.137","lastModified":"2025-07-31T16:15:31.793","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list."},{"lang":"es","value":"Se encontró una falla en el crate del usuario para Rust. Esta vulnerabilidad permite la escalada de privilegios mediante una lista de grupos incorrecta cuando un usuario o proceso tiene menos de exactamente 1024 grupos, lo que provoca la inclusión errónea del grupo raíz en la lista de acceso."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"}]}],"references":[{"url":"https:\/\/access.redhat.com\/errata\/RHSA-2025:12359","source":"secalert@redhat.com"},{"url":"https:\/\/access.redhat.com\/security\/cve\/CVE-2025-5791","source":"secalert@redhat.com"},{"url":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2370001","source":"secalert@redhat.com"},{"url":"https:\/\/crates.io\/crates\/users","source":"secalert@redhat.com"},{"url":"https:\/\/github.com\/ogham\/rust-users\/issues\/44","source":"secalert@redhat.com"},{"url":"https:\/\/rustsec.org\/advisories\/RUSTSEC-2025-0040.html","source":"secalert@redhat.com"}]}}]}