CVE-2025-10952
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-25

Last updated on: 2025-09-26

Assigner: VulDB

Description
A security flaw has been discovered in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this issue is the function stream_handler of the file ml_logger/server.py of the component File Handler. Performing manipulation of the argument key results in information disclosure. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-25
Last Modified
2025-09-26
Generated
2026-06-16
AI Q&A
2025-09-25
EPSS Evaluated
2026-06-15
NVD
CVE-2025-10952
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
geyang ml-logger *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a security flaw in the geyang ml-logger software, specifically in the stream_handler function of the ml_logger/server.py file. It allows an attacker to manipulate the argument 'key' remotely, which leads to information disclosure. This means sensitive information could be exposed to unauthorized parties.

Impact Analysis

The vulnerability can lead to unauthorized disclosure of sensitive information due to manipulation of the 'key' argument in the affected function. Since the attack can be initiated remotely and the exploit is publicly available, it increases the risk of data exposure without requiring authentication.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-10952. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart