High severity 8.8 · GHSA Advisory · Published Jan 8, 2026 · Updated Apr 15, 2026
CVE-2025-66001
Description
NeuVector supports login authentication through OpenID Connect. However, TLS verification (which verifies the remote server's authenticity and integrity) is not enforced by default for OpenID Connect. As a result, this may expose the system to man-in-the-middle (MITM) attacks.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/neuvector/neuvector (Go) | >= 5.3.0, < 5.4.8 | 5.4.8 |
Affected products
- ghsa-coords (2 versions): pkg:golang/github.com/neuvector/neuvector, pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.6
- (no CPE) range: >= 5.3.0, < 5.4.8
- (no CPE) range: < 0.0.20251230T014957-150000.1.134.1
References
- github.com/advisories/GHSA-4jj9-cgqc-x9h5 (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2025-66001 (ghsa, ADVISORY)
- bugzilla.suse.com/show_bug.cgi (nvd, WEB)
- github.com/neuvector/neuvector/commit/955904b5762f296d209bf395a5fcc7a40a53c424 (ghsa, WEB)
- github.com/neuvector/neuvector/security/advisories/GHSA-4jj9-cgqc-x9h5 (nvd, WEB)