CVE-2025-54992 – OpenKilda OpenFlow XXE Injection

August 11, 2025

CVE ID : CVE-2025-54992

Published : Aug. 11, 2025, 10:15 p.m. | 1 hour, 53 minutes ago

Description : OpenKilda is an open-source OpenFlow controller. Prior to version 1.164.0, an XML external entity (XXE) injection vulnerability was found in OpenKilda which in combination with GHSL-2025-024 allows unauthenticated attackers to exfiltrate information from the instance where the OpenKilda UI is running. This issue may lead to Information disclosure. This issue has been patched in version 1.164.0.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-55151 – Stirling-PDF SSRF Vulnerability

Next Article CVE-2025-55012 – Zed Agent Panel Remote Code Execution Permissions Bypass

GitHub’s CEO Thomas Dohmke steps down, triggering tighter integration of company within Microsoft

bitHuman launches SDK for creating AI avatars

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

I found a Google Maps alternative that won’t track you or drain your battery – and it’s free

I tested this new AI podcast tool to see if it can beat NotebookLM – here’s how it did

Microsoft’s new update makes your taskbar a productivity hub – here’s how

Save $50 on the OnePlus Pad 3 plus get a free gift – here’s the deal

Laravel Global Scopes: Automatic Query Filtering

Laravel Global Scopes: Automatic Query Filtering

Building MCP Servers in PHP

Filament v4 is Stable!

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

Madden NFL 26 Leads This Week’s Xbox Drops—But Don’t Miss These Hidden Gems

ASUS G14 Bulked Up for 2025—Still Sexy, Just a Bit Chonkier

CVE-2025-54992 – OpenKilda OpenFlow XXE Injection

Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

WinRAR zero-day exploited in espionage attacks against high-value targets

Interactive WebGL Backgrounds: A Quick Guide to Bayer Dithering

CVE-2025-6903 – “Code-projects Car Rental System SQL Injection Vulnerability”

Latest Harness IDP update better supports developer portals at scale

CVE-2025-5122 – Leaflet Map Block for WordPress Stored XSS Vulnerability

Error’d: Que Sera, Sera

NVIDIA’s RTX 5050 specs leaked: 2560 CUDA cores, GDDR6 memory, and Blackwell chip

CVE-2025-25256 – Fortinet FortiSIEM OS Command Injection

How AI is Reshaping Mobile App Development with React Native

CVE-2025-54992 – OpenKilda OpenFlow XXE Injection

Related Posts