CVE-2025-8696
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-10

Last updated on: 2025-11-04

Assigner: Internet Systems Consortium (ISC)

Description
If an unauthenticated user sends a large amount of data to the Stork UI, it may cause memory and disk use problems for the system running the Stork server. This issue affects Stork versions 1.0.0 through 2.3.0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-10
Last Modified
2025-11-04
Generated
2026-06-16
AI Q&A
2025-09-10
EPSS Evaluated
2026-06-14
NVD
CVE-2025-8696
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
isc stork 2.3.0
isc stork 1.0.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-789 The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.
CWE-779 The product logs too much information, making log files hard to process and possibly hindering recovery efforts or forensic analysis after an attack.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-8696 is a high-severity denial-of-service (DoS) vulnerability in the Stork UI versions 1.0.0 through 2.3.0. An unauthenticated attacker can send a large amount of data to the Stork UI, causing excessive memory and disk usage on the server running the Stork application. This resource exhaustion can cause the stork-server process and potentially other system processes to fail. The attack can be done remotely without any privileges or user interaction. [1]

Impact Analysis

This vulnerability can impact you by causing denial of service on the system running the Stork server. Excessive memory and disk usage triggered by large or repeated data inputs can cause the stork-server process to fail and may affect other processes on the system, leading to system instability or downtime. [1]

Detection Guidance

This vulnerability can be detected by monitoring for unusually high memory and disk usage on the system running the Stork server, especially related to the stork-server process. Additionally, checking for excessive log file growth or frequent log rotations may indicate exploitation attempts. Network monitoring tools can be used to detect large volumes of data being sent to the Stork UI port. Specific commands are not provided in the resources. [1]

Mitigation Strategies

Immediate mitigation steps include placing the Stork server behind a firewall or proxy that restricts access to trusted clients and enforces input size limits. The recommended solution is to upgrade the Stork server to patched versions 2.2.1 or 2.3.1. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-8696. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart