Unrated severityNVD Advisory· Published Dec 25, 2025· Updated Dec 26, 2025

CVE-2025-59683

Description

Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively consume resources, leading to a denial of service.

Affected products

Pexip/Pexip Infinityllm-fuzzy
Range: >=15.0, <=38.0, <38.1
Pexip/Infinityv5
Range: 15.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

docs.pexip.com/admin/security_bulletins.htmmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000