[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-27558":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":341,"aliases":342,"duplicate_of":9,"upstream":343,"downstream":344,"duplicates":355,"related":356,"reserved_at":9,"published_at":357,"modified_at":358,"state":359,"summary":360,"references_raw":369,"kevs":379,"epss":380,"epss_history":383,"metrics":657,"affected":665},"CVE-2025-27558","IEEE P802.11-REVme D1.1 through D7.0 allows FragAttacks against mesh networks. In mesh networks using Wi-Fi Protected Access (WPA, WPA2, or WPA3) or Wired Equivalent Privacy (WEP), an adversary can exploit this vulnerability to inject arbitrary frames towards devices that support receiving non-SSP A-MSDU frames. NOTE: this issue exists because of an incorrect fix for CVE-2020-24588. P802.11-REVme, as of early 2025, is a planned release of the 802.11 standard.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-345","Insufficient Verification of Data Authenticity","The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.","weakness","Draft","Class",[19,23,76,88,109,113,117,121,125,129,133,337],{"id":20,"name":21,"techniques":22},"CAPEC-111","JSON Hijacking (aka JavaScript Hijacking)",[],{"id":24,"name":25,"techniques":26},"CAPEC-141","Cache Poisoning",[27],{"id":28,"name":29,"tactics":30,"countermeasures":37},"T1557.002","ARP Cache Poisoning",[31,34],{"id":32,"name":33},"TA0031","Credential Access",{"id":35,"name":36},"TA0100","Collection",[38,43,47,51,55,59,63,67,71],{"id":39,"name":40,"tactic":41},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":42},"Detect",{"id":44,"name":45,"tactic":46},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":42},{"id":48,"name":49,"tactic":50},"D3-CSPP","Client-server Payload Profiling",{"name":42},{"id":52,"name":53,"tactic":54},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":42},{"id":56,"name":57,"tactic":58},"D3-NTSA","Network Traffic Signature Analysis",{"name":42},{"id":60,"name":61,"tactic":62},"D3-APCA","Application Protocol Command Analysis",{"name":42},{"id":64,"name":65,"tactic":66},"D3-NTCD","Network Traffic Community Deviation",{"name":42},{"id":68,"name":69,"tactic":70},"D3-RTSD","Remote Terminal Session Detection",{"name":42},{"id":72,"name":73,"tactic":74},"D3-NTF","Network Traffic Filtering",{"name":75},"Isolate",{"id":77,"name":78,"techniques":79},"CAPEC-142","DNS Cache Poisoning",[80],{"id":81,"name":82,"tactics":83,"countermeasures":87},"T1584.002","DNS Server",[84],{"id":85,"name":86},"TA0042","Resource Development",[],{"id":89,"name":90,"techniques":91},"CAPEC-148","Content Spoofing",[92],{"id":93,"name":94,"tactics":95,"countermeasures":99},"T1491","Defacement",[96],{"id":97,"name":98},"TA0105","Impact",[100,105],{"id":101,"name":102,"tactic":103},"D3-DNR","Decoy Network Resource",{"name":104},"Deceive",{"id":106,"name":107,"tactic":108},"D3-NRAM","Network Resource Access Mediation",{"name":75},{"id":110,"name":111,"techniques":112},"CAPEC-218","Spoofing of UDDI/ebXML Messages",[],{"id":114,"name":115,"techniques":116},"CAPEC-384","Application API Message Manipulation via Man-in-the-Middle",[],{"id":118,"name":119,"techniques":120},"CAPEC-385","Transaction or Event Tampering via Application API Manipulation",[],{"id":122,"name":123,"techniques":124},"CAPEC-386","Application API Navigation Remapping",[],{"id":126,"name":127,"techniques":128},"CAPEC-387","Navigation Remapping To Propagate Malicious Content",[],{"id":130,"name":131,"techniques":132},"CAPEC-388","Application API Button Hijacking",[],{"id":134,"name":135,"techniques":136},"CAPEC-665","Exploitation of Thunderbolt Protection Flaws",[137,173,213],{"id":138,"name":139,"tactics":140,"countermeasures":147},"T1211","Exploitation for Stealth",[141,144],{"id":142,"name":143},"TA0030","Defense Evasion",{"id":145,"name":146},"TA0005","Stealth",[148,152,156,160,165,169],{"id":149,"name":150,"tactic":151},"D3-MBT","Memory Boundary Tracking",{"name":42},{"id":153,"name":154,"tactic":155},"D3-PCSV","Process Code Segment Verification",{"name":42},{"id":157,"name":158,"tactic":159},"D3-SSC","Shadow Stack Comparisons",{"name":42},{"id":161,"name":162,"tactic":163},"D3-PSEP","Process Segment Execution Prevention",{"name":164},"Harden",{"id":166,"name":167,"tactic":168},"D3-SAOR","Segment Address Offset Randomization",{"name":164},{"id":170,"name":171,"tactic":172},"D3-SFCV","Stack Frame Canary Validation",{"name":164},{"id":174,"name":175,"tactics":176,"countermeasures":182},"T1542.002","Component Firmware",[177,178,179],{"id":142,"name":143},{"id":145,"name":146},{"id":180,"name":181},"TA0110","Persistence",[183,188,192,196,200,204,208],{"id":184,"name":185,"tactic":186},"D3-SWI","Software Inventory",{"name":187},"Model",{"id":189,"name":190,"tactic":191},"D3-AVE","Asset Vulnerability Enumeration",{"name":187},{"id":193,"name":194,"tactic":195},"D3-FEMC","Firmware Embedded Monitoring Code",{"name":42},{"id":197,"name":198,"tactic":199},"D3-FV","Firmware Verification",{"name":42},{"id":201,"name":202,"tactic":203},"D3-FBA","Firmware Behavior Analysis",{"name":42},{"id":205,"name":206,"tactic":207},"D3-SU","Software Update",{"name":164},{"id":209,"name":210,"tactic":211},"D3-RS","Restore Software",{"name":212},"Restore",{"id":214,"name":215,"tactics":216,"countermeasures":223},"T1556","Modify Authentication Process",[217,218,221,222],{"id":142,"name":143},{"id":219,"name":220},"TA0112","Defense Impairment",{"id":180,"name":181},{"id":32,"name":33},[224,228,232,236,240,244,248,252,256,260,265,269,273,277,281,285,289,293,297,301,305,309,313,317,321,325,329,333],{"id":225,"name":226,"tactic":227},"D3-CI","Configuration Inventory",{"name":187},{"id":229,"name":230,"tactic":231},"D3-NTPM","Network Traffic Policy Mapping",{"name":187},{"id":233,"name":234,"tactic":235},"D3-AM","Access Modeling",{"name":187},{"id":237,"name":238,"tactic":239},"D3-FA","File Analysis",{"name":42},{"id":241,"name":242,"tactic":243},"D3-FIM","File Integrity Monitoring",{"name":42},{"id":245,"name":246,"tactic":247},"D3-PLA","Process Lineage Analysis",{"name":42},{"id":249,"name":250,"tactic":251},"D3-PSMD","Process Self-Modification Detection",{"name":42},{"id":253,"name":254,"tactic":255},"D3-PSA","Process Spawn Analysis",{"name":42},{"id":257,"name":258,"tactic":259},"D3-SFA","System File Analysis",{"name":42},{"id":261,"name":262,"tactic":263},"D3-FEV","File Eviction",{"name":264},"Evict",{"id":266,"name":267,"tactic":268},"D3-PT","Process Termination",{"name":264},{"id":270,"name":271,"tactic":272},"D3-PS","Process Suspension",{"name":264},{"id":274,"name":275,"tactic":276},"D3-HR","Host Reboot",{"name":264},{"id":278,"name":279,"tactic":280},"D3-HS","Host Shutdown",{"name":264},{"id":282,"name":283,"tactic":284},"D3-DF","Decoy File",{"name":104},{"id":286,"name":287,"tactic":288},"D3-FE","File Encryption",{"name":164},{"id":290,"name":291,"tactic":292},"D3-RF","Restore File",{"name":212},{"id":294,"name":295,"tactic":296},"D3-RC","Restore Configuration",{"name":212},{"id":298,"name":299,"tactic":300},"D3-CF","Content Filtering",{"name":75},{"id":302,"name":303,"tactic":304},"D3-LFP","Local File Permissions",{"name":75},{"id":306,"name":307,"tactic":308},"D3-RFAM","Remote File Access Mediation",{"name":75},{"id":310,"name":311,"tactic":312},"D3-CQ","Content Quarantine",{"name":75},{"id":314,"name":315,"tactic":316},"D3-CM","Content Modification",{"name":75},{"id":318,"name":319,"tactic":320},"D3-KBPI","Kernel-based Process Isolation",{"name":75},{"id":322,"name":323,"tactic":324},"D3-SCF","System Call Filtering",{"name":75},{"id":326,"name":327,"tactic":328},"D3-HBPI","Hardware-based Process Isolation",{"name":75},{"id":330,"name":331,"tactic":332},"D3-ABPI","Application-based Process Isolation",{"name":75},{"id":334,"name":335,"tactic":336},"D3-WSAM","Web Session Access Mediation",{"name":75},{"id":338,"name":339,"techniques":340},"CAPEC-701","Browser in the Middle (BiTM)",[],[],[],[],[345,347,349,351,353],{"_key":346},"DLA-4328-1",{"_key":348},"DSA-5973-1",{"_key":350},"DSA-5975-1",{"_key":352},"DEBIAN-CVE-2025-27558",{"_key":354},"UBUNTU-CVE-2025-27558",[],[],"2025-05-21T00:00:00.000Z","2025-11-03T17:32:22.854Z","Deferred",{"cisa_kev":361,"cisa_ransomware":361,"cisa_vendor":9,"epss_severity":362,"epss_score":363,"severity":364,"severity_score":365,"severity_version":366,"severity_source":367,"severity_vector":368,"severity_status":359},false,"low",0.00191,"critical",9.1,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",[370,375],{"url":371,"sources":372,"tags":374},"https://github.com/vanhoefm/fragattacks-survey-public/blob/main/README.md",[367,373],"nvd",[],{"url":376,"sources":377,"tags":378},"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",[367,373],[],[],{"date":381,"score":363,"percentile":382},"2026-06-03",0.40757,[384,388,391,394,397,400,403,406,409,412,415,418,421,424,427,431,434,437,440,443,446,449,452,455,458,460,463,466,469,472,475,478,481,484,487,490,493,496,499,502,505,508,512,515,518,521,524,527,530,533,536,539,543,546,549,552,555,558,561,564,567,570,573,576,579,582,585,587,590,593,596,599,602,605,608,611,614,617,620,623,626,629,633,636,639,642,645,648,651,654],{"date":385,"score":386,"percentile":387},"2025-11-04",0.00023,0.04844,{"date":389,"score":386,"percentile":390},"2025-11-05",0.0485,{"date":392,"score":386,"percentile":393},"2025-11-06",0.04963,{"date":395,"score":386,"percentile":396},"2025-11-07",0.04972,{"date":398,"score":386,"percentile":399},"2025-11-08",0.04966,{"date":401,"score":386,"percentile":402},"2025-11-09",0.04968,{"date":404,"score":386,"percentile":405},"2025-11-10",0.04946,{"date":407,"score":386,"percentile":408},"2025-11-11",0.04986,{"date":410,"score":386,"percentile":411},"2025-11-12",0.0501,{"date":413,"score":386,"percentile":414},"2025-11-13",0.05044,{"date":416,"score":386,"percentile":417},"2025-11-14",0.0508,{"date":419,"score":386,"percentile":420},"2025-11-15",0.05101,{"date":422,"score":386,"percentile":423},"2025-11-16",0.05112,{"date":425,"score":386,"percentile":426},"2025-11-17",0.05111,{"date":428,"score":429,"percentile":430},"2025-11-18",0.00032,0.0492,{"date":432,"score":429,"percentile":433},"2025-11-19",0.0496,{"date":435,"score":429,"percentile":436},"2025-11-20",0.05015,{"date":438,"score":386,"percentile":439},"2025-11-21",0.05166,{"date":441,"score":386,"percentile":442},"2025-11-22",0.05155,{"date":444,"score":386,"percentile":445},"2025-11-23",0.05144,{"date":447,"score":386,"percentile":448},"2025-11-24",0.05129,{"date":450,"score":386,"percentile":451},"2025-11-25",0.05141,{"date":453,"score":386,"percentile":454},"2025-11-26",0.0518,{"date":456,"score":386,"percentile":457},"2025-11-27",0.05197,{"date":459,"score":386,"percentile":454},"2025-11-28",{"date":461,"score":386,"percentile":462},"2025-11-29",0.05225,{"date":464,"score":386,"percentile":465},"2025-11-30",0.05221,{"date":467,"score":386,"percentile":468},"2025-12-01",0.05309,{"date":470,"score":386,"percentile":471},"2025-12-02",0.05323,{"date":473,"score":386,"percentile":474},"2025-12-03",0.05347,{"date":476,"score":386,"percentile":477},"2025-12-04",0.05298,{"date":479,"score":386,"percentile":480},"2025-12-05",0.05361,{"date":482,"score":386,"percentile":483},"2025-12-06",0.05374,{"date":485,"score":386,"percentile":486},"2025-12-07",0.05373,{"date":488,"score":386,"percentile":489},"2025-12-08",0.05382,{"date":491,"score":386,"percentile":492},"2025-12-09",0.05423,{"date":494,"score":386,"percentile":495},"2025-12-10",0.05489,{"date":497,"score":386,"percentile":498},"2025-12-11",0.05497,{"date":500,"score":386,"percentile":501},"2025-12-12",0.05527,{"date":503,"score":386,"percentile":504},"2025-12-13",0.05572,{"date":506,"score":386,"percentile":507},"2025-12-14",0.05551,{"date":509,"score":510,"percentile":511},"2025-12-15",0.00026,0.06543,{"date":513,"score":510,"percentile":514},"2025-12-16",0.06565,{"date":516,"score":510,"percentile":517},"2025-12-17",0.06653,{"date":519,"score":510,"percentile":520},"2025-12-18",0.06713,{"date":522,"score":510,"percentile":523},"2025-12-19",0.06707,{"date":525,"score":510,"percentile":526},"2025-12-20",0.06701,{"date":528,"score":510,"percentile":529},"2025-12-21",0.06689,{"date":531,"score":510,"percentile":532},"2025-12-22",0.06643,{"date":534,"score":510,"percentile":535},"2025-12-23",0.06639,{"date":537,"score":510,"percentile":538},"2025-12-24",0.06669,{"date":540,"score":541,"percentile":542},"2025-12-25",0.00025,0.06279,{"date":544,"score":541,"percentile":545},"2025-12-26",0.06273,{"date":547,"score":541,"percentile":548},"2025-12-27",0.0628,{"date":550,"score":541,"percentile":551},"2025-12-28",0.06269,{"date":553,"score":541,"percentile":554},"2025-12-29",0.06256,{"date":556,"score":541,"percentile":557},"2025-12-30",0.06239,{"date":559,"score":541,"percentile":560},"2025-12-31",0.06289,{"date":562,"score":541,"percentile":563},"2026-01-01",0.06358,{"date":565,"score":541,"percentile":566},"2026-01-02",0.06352,{"date":568,"score":541,"percentile":569},"2026-01-03",0.06337,{"date":571,"score":541,"percentile":572},"2026-01-04",0.06252,{"date":574,"score":541,"percentile":575},"2026-01-05",0.06198,{"date":577,"score":541,"percentile":578},"2026-01-06",0.06204,{"date":580,"score":541,"percentile":581},"2026-01-07",0.06228,{"date":583,"score":541,"percentile":584},"2026-01-08",0.06285,{"date":586,"score":541,"percentile":584},"2026-01-09",{"date":588,"score":541,"percentile":589},"2026-01-10",0.06287,{"date":591,"score":541,"percentile":592},"2026-01-11",0.06294,{"date":594,"score":541,"percentile":595},"2026-01-12",0.0627,{"date":597,"score":541,"percentile":598},"2026-01-13",0.06254,{"date":600,"score":541,"percentile":601},"2026-01-14",0.06306,{"date":603,"score":541,"percentile":604},"2026-01-15",0.06311,{"date":606,"score":541,"percentile":607},"2026-01-16",0.06324,{"date":609,"score":541,"percentile":610},"2026-01-17",0.06334,{"date":612,"score":541,"percentile":613},"2026-01-18",0.0633,{"date":615,"score":541,"percentile":616},"2026-01-19",0.06309,{"date":618,"score":541,"percentile":619},"2026-01-20",0.06268,{"date":621,"score":541,"percentile":622},"2026-01-21",0.06264,{"date":624,"score":541,"percentile":625},"2026-01-22",0.0623,{"date":627,"score":541,"percentile":628},"2026-01-23",0.06296,{"date":630,"score":631,"percentile":632},"2026-01-24",0.00027,0.07166,{"date":634,"score":631,"percentile":635},"2026-01-25",0.07141,{"date":637,"score":631,"percentile":638},"2026-01-26",0.07125,{"date":640,"score":631,"percentile":641},"2026-01-27",0.07113,{"date":643,"score":631,"percentile":644},"2026-01-28",0.07091,{"date":646,"score":631,"percentile":647},"2026-01-29",0.07085,{"date":649,"score":631,"percentile":650},"2026-01-30",0.07097,{"date":652,"score":631,"percentile":653},"2026-01-31",0.07118,{"date":655,"score":631,"percentile":656},"2026-02-01",0.07153,[658,663],{"source":367,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":659,"cvss_v4_0":9},{"baseScore":365,"baseSeverity":660,"vectorString":368,"impactScore":661,"exploitabilityScore":662},"CRITICAL",8.7,10,{"source":373,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":664,"cvss_v4_0":9},{"baseScore":365,"baseSeverity":660,"vectorString":368,"impactScore":661,"exploitabilityScore":662},[]]