CVE-2025-55131

ADVISORY - nist

Summary

A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover data from previous operations, allowing in-process secrets like tokens or passwords to leak or causing data corruption. While exploitation typically requires precise timing or in-process code execution, it can become remotely exploitable when untrusted input influences workload and timeouts, leading to potential confidentiality and integrity impact.

EPSS Score⁠: 0.00034 (0.101)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Docker

CREATED

4 months ago

UPDATED

1 month ago

ADVISORY ID

BSA-2025-55131

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Docker

CREATED

4 months ago

UPDATED

1 month ago

ADVISORY ID

CVE-2025-55131

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

NIST

CREATED

4 months ago

UPDATED

3 months ago

ADVISORY IDCVE-2025-55131⁠

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-120⁠

CVSS SCORE

7.1high

Alpine

CREATED

4 months ago

UPDATED

23 days ago

ADVISORY IDCVE-2025-55131⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

4 months ago

UPDATED

2 days ago

ADVISORY IDCVE-2025-55131⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDCVE-2025-55131⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDALSA-2026:2420⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Alma

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDALSA-2026:2421⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Alma

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDALSA-2026:2422⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Alma

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDALSA-2026:2781⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Alma

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDALSA-2026:2782⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Alma

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDALSA-2026:2783⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDALAS2023-2026-1402⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDALAS2023-2026-1403⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDALAS2023-2026-1404⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Bitnami

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY ID

BIT-node-2025-55131

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.1high

Bitnami

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY ID

BIT-node-min-2025-55131

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.1high

Red Hat

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDCVE-2025-55131⁠

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-497⁠

CVSS SCORE

7.1high

Rocky

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2026:1842⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Rocky

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2026:1843⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Rocky

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2026:2420⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Rocky

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2026:2421⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Rocky

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2026:2422⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Rocky

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2026:2781⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Rocky

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2026:2782⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Rocky

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2026:2783⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDELSA-2026-1842⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDELSA-2026-1843⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDELSA-2026-2420⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDELSA-2026-2421⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDELSA-2026-2422⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDELSA-2026-2781⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDELSA-2026-2782⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDELSA-2026-2783⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Chainguard

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY ID

CGA-4q26-fg8w-8359

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Photon

CREATED

20 days ago

UPDATED

3 days ago

ADVISORY ID

CVE-2025-55131

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.1high

minimos

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY ID

MINI-23mf-fgc4-96h9

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY ID

MINI-2879-25p2-fj5g

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY ID

MINI-3747-89qx-52wg

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY ID

MINI-4hr2-g5c2-6ww2

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY ID

MINI-cfv7-wwhr-p5gx

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY ID

MINI-p8g3-72hc-7wr7

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

CVE-2025-55131

Summary

Common Weakness Enumeration (CWE)

CWE-120⁠

CWE-497⁠

Advisories

Docker

Docker

NIST

CVSS SCORE

Alpine

Debian

Ubuntu

CVSS SCORE

Alma

CVSS SCORE

Alma

CVSS SCORE

Alma

CVSS SCORE

Alma

CVSS SCORE

Alma

CVSS SCORE

Alma

CVSS SCORE

Amazon

CVSS SCORE

Amazon

CVSS SCORE

Amazon

CVSS SCORE

Bitnami

CVSS SCORE

Bitnami

CVSS SCORE

Red Hat

CVSS SCORE

Rocky

CVSS SCORE

Rocky

CVSS SCORE

Rocky

CVSS SCORE

Rocky

CVSS SCORE

Rocky

CVSS SCORE

Rocky

CVSS SCORE

Rocky

CVSS SCORE

Rocky

CVSS SCORE

Oracle

CVSS SCORE

Oracle

CVSS SCORE

Oracle

CVSS SCORE

Oracle

CVSS SCORE

Oracle

CVSS SCORE

Oracle

CVSS SCORE

Oracle

CVSS SCORE

Oracle

CVSS SCORE

Chainguard

Photon

CVSS SCORE

minimos

minimos

minimos

minimos

minimos

minimos