CVE-2025-50065
LOW EPSS 21.5%
Published Jul 15, 202511mo ago · Modified Jun 17, 20262w ago
3.7 CVSS 3.1
Published Jul 15, 2025 11mo ago
Last Modified Jun 17, 2026 2w ago
Description
Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Native Image). The supported version that is affected is Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GraalVM for JDK. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Attack Vector Network
Attack Complexity High
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability Low
Threat Intelligence
EPSS Exploit Probability
21.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-269 Improper Privilege Management Authorization
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| oracle | graalvm_for_jdk | 24.0.1 | any |
References 1
- oracle.com https://www.oracle.com/security-alerts/cpujul2025.html
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.