VYPR
High severity8.8NVD Advisory· Published Jul 2, 2025· Updated Jun 17, 2026

CVE-2025-53106

CVE-2025-53106

Description

Graylog is a free and open log management platform. In versions 6.2.0 to before 6.2.4 and 6.3.0-alpha.1 to before 6.3.0-rc.2, Graylog users can gain elevated privileges by creating and using API tokens for the local Administrator or any other user for whom the malicious user knows the ID. For the attack to succeed, the attacker needs a user account in Graylog. They can then proceed to issue hand-crafted requests to the Graylog REST API and exploit a weak permission check for token creation. This issue has been patched in versions 6.2.4 and 6.3.0-rc.2. A workaround involves disabling the respective configuration found in System > Configuration > Users > "Allow users to create personal access tokens".

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.graylog2:graylog2-serverMaven
>= 6.2.0, < 6.2.46.2.4
org.graylog2:graylog2-serverMaven
>= 6.3.0-alpha.1, < 6.3.0-rc.26.3.0-rc.2

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.