Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-62820
CVE-2025-62820
Slack Nebula before 1.9.7 mishandles CIDR in some configurations and thus accepts arbitrary source IP addresses within the Nebula network.
Published Oct 23, 2025
https://github.com/advisories/GHSA-x6fh-7qmf-69xh
CVSS Score
Medium
5.3
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
golang
github.com/slackhq/nebula
v1.9.4
golang
github.com/slackhq/nebula
v1.9.5-0.20250513160022-061e733007ce
golang
github.com/slackhq/nebula
v1.9.5
golang
github.com/slackhq/nebula
v1.9.6
1-4 of 4
CVE-2025-62820 | Components Impacted | Sonatype Guide | Sonatype Guide
