ByteOS Network

NVD Vulnerability Details :

CVE-2025-46801

Awaiting Analysis

Source-vultures@jpcert.or.jp

Published At-19 May, 2025 | 08:15

Updated At-03 Nov, 2025 | 18:16

Pgpool-II provided by PgPool Global Development Group contains an authentication bypass by primary weakness vulnerability. if the vulnerability is exploited, an attacker may be able to log in to the system as an arbitrary user, allowing them to read or tamper with data in the database, and/or disable the database.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	9.3	CRITICAL	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary	3.0	9.8	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 4.0

Base score: 9.3

Base severity: CRITICAL

Vector:

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Type: Secondary

Version: 3.0

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses

CWE ID	Type	Source
CWE-305	Secondary	vultures@jpcert.or.jp

CWE ID: CWE-305

Type: Secondary

Source: vultures@jpcert.or.jp

References

Hyperlink	Source	Resource
https://jvn.jp/en/jp/JVN06238225/	vultures@jpcert.or.jp	N/A
https://www.pgpool.net/mediawiki/index.php/Main_Page#News	vultures@jpcert.or.jp	N/A
https://lists.debian.org/debian-lts-announce/2025/10/msg00014.html	af854a3a-2127-422b-91ae-364da2661108	N/A