VYPR
Unrated severityNVD Advisory· Published Jan 7, 2026· Updated Jan 7, 2026

CVE-2025-66838

CVE-2025-66838

Description

In Aris v10.0.23.0.3587512 and before, the file upload functionality does not enforce any rate limiting or throttling, allowing users to upload files at an unrestricted rate. An attacker can exploit this behavior to rapidly upload a large volume of files, potentially leading to resource exhaustion such as disk space depletion, increased server load, or degraded performance

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Aris/Ariscpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = 10.0.23.0.3587512

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.