{"id":"CVE-2025-44005","details":"An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completing certain protocol authorization checks.","aliases":["GHSA-h8cp-697h-8c8p","GO-2025-4180"],"modified":"2026-04-10T05:26:45.503990Z","published":"2025-12-17T16:16:05.847Z","related":["CGA-ffjg-5f45-g48f","SUSE-SU-2025:4395-1"],"references":[{"type":"WEB","url":"https://talosintelligence.com/vulnerability_reports/TALOS-2025-2242"},{"type":"WEB","url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2242"},{"type":"ADVISORY","url":"https://github.com/smallstep/certificates/security/advisories/GHSA-h8cp-697h-8c8p"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-44005.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N"}]}