Critical severity9.8NVD Advisory· Published Jun 17, 2025· Updated Apr 15, 2026

CVE-2025-49825

Description

Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At time of posting, there is no available open-source patch.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
github.com/gravitational/teleportGo	>= 17.0.0, < 17.5.2	17.5.2
github.com/gravitational/teleportGo	>= 16.0.0, < 16.5.12	16.5.12
github.com/gravitational/teleportGo	>= 15.0.0, < 15.5.3	15.5.3
github.com/gravitational/teleportGo	>= 14.0.0, < 14.4.1	14.4.1
github.com/gravitational/teleportGo	>= 13.0.0, < 13.4.27	13.4.27
github.com/gravitational/teleportGo	>= 0.0.11, < 12.4.35	12.4.35
github.com/gravitational/teleportGo	<= 0.0.0-20250616162021-79b2f26125a1	—

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/advisories/GHSA-8cqv-pj7f-pwpcghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2025-49825ghsaADVISORY
github.com/gravitational/teleport/security/advisories/GHSA-8cqv-pj7f-pwpcnvdWEB

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.014
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000