How severe is CVE-2025-32793?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4 out of 10.

What type of vulnerability is CVE-2025-32793?

This is classified as CWE-319, which is a common weakness in software security.

CVE-2025-32793 - MEDIUM Severity | CVSS 4

Vulnerability Description

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Versions 1.15.0 to 1.15.15, 1.16.0 to 1.16.8, and 1.17.0 to 1.17.2, are vulnerable when using Wireguard transparent encryption in a Cilium cluster, packets that originate from a terminating endpoint can leave the source node without encryption due to a race condition in how traffic is processed by Cilium. This issue has been patched in versions 1.15.16, 1.16.9, and 1.17.3. There are no workarounds available for this issue.

Related Vulnerabilities

CVE-2017-9637

MEDIUM

CVSS:4.1(Medium)

Schneider Electric Ampla MES 6.4 provides capability to interact with data from third party databases. When connectivity to those databases is configured to use a SQL user name and password, an attack...

CWE-3192017

CVE-2023-45716

MEDIUM

CVSS:4.1(Medium)

Sametime is impacted by sensitive information passed in URL.

CWE-3192023

CVE-2019-8345

MEDIUM

CVSS:4.2(Medium)

The Help feature in the ES File Explorer File Manager application 4.1.9.7.4 for Android allows session hijacking by a Man-in-the-middle attacker on the local network because HTTPS is not used, and an ...

CWE-3192019

CVE-2018-11399

MEDIUM

CVSS:4.3(Medium)

SimpliSafe Original has Unencrypted Sensor Transmissions, which allows physically proximate attackers to obtain potentially sensitive information about the specific times when alarm-system events occu...

CWE-3192018

CVE-2019-10732

MEDIUM

CVSS:4.3(Medium)

In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS ...

CWE-3192019

CVE-2019-10734

MEDIUM

CVSS:4.3(Medium)

In KDE Trojita 0.7, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS ...

CWE-3192019