Unrated severityNVD Advisory· Published Dec 25, 2025· Updated Dec 26, 2025

CVE-2025-66377

Description

Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker (who already has access to execute code on one node within a Pexip Infinity installation) to impact the operation of other nodes within the installation.

Affected products

Pexip/Pexip Infinityllm-fuzzy
Range: <39.0
Pexip/Infinityv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

docs.pexip.com/admin/security_bulletins.htmmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000