CVE-2025-54471

NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data.

Published Oct 22, 2025

https://github.com/advisories/GHSA-h773-7gf7-9m2x

CVSS ScoreMedium

6.5

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-54471

NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data.

Published Oct 22, 2025

https://github.com/advisories/GHSA-h773-7gf7-9m2x

CVSS ScoreMedium

6.5


golang	github.com/neuvector/neuvector	v0.0.0-20240821220607-caed3e3dbbb0
golang	github.com/neuvector/neuvector	v0.0.0-20241208165329-1a48cd00b351
golang	github.com/neuvector/neuvector	v0.0.0-20250204034627-a868ddae5754
golang	github.com/neuvector/neuvector	v0.0.0-20250312183056-77ca1c33c622
golang	github.com/neuvector/neuvector	v0.0.0-20250318171256-1d62b7f73bb8
golang	github.com/neuvector/neuvector	v0.0.0-20250408235603-84c3c64c9a61
golang	github.com/neuvector/neuvector	v0.0.0-20250508121332-6ebbb8fb8fe4
golang	github.com/neuvector/neuvector	v0.0.0-20250521172018-cefc96d1c715

Ecosystem	Package	Version


golang	github.com/neuvector/neuvector	v0.0.0-20240821220607-caed3e3dbbb0
golang	github.com/neuvector/neuvector	v0.0.0-20241208165329-1a48cd00b351
golang	github.com/neuvector/neuvector	v0.0.0-20250204034627-a868ddae5754
golang	github.com/neuvector/neuvector	v0.0.0-20250312183056-77ca1c33c622
golang	github.com/neuvector/neuvector	v0.0.0-20250318171256-1d62b7f73bb8
golang	github.com/neuvector/neuvector	v0.0.0-20250408235603-84c3c64c9a61
golang	github.com/neuvector/neuvector	v0.0.0-20250508121332-6ebbb8fb8fe4
golang	github.com/neuvector/neuvector	v0.0.0-20250521172018-cefc96d1c715

Find vulnerabilities. Fix fast with AI.

CVE-2025-54471

CVE-2025-54471