{"id":"CVE-2025-53884","details":"NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack (offline attack where hashes of known passwords are precomputed).","aliases":["GHSA-8ff6-pc43-jwv3","GO-2025-3917"],"modified":"2026-04-10T05:30:59.649707Z","published":"2025-09-17T13:15:33.830Z","related":["SUSE-SU-2025:03289-1","openSUSE-SU-2025:15538-1"],"references":[{"type":"ADVISORY","url":"https://github.com/neuvector/neuvector/security/advisories/GHSA-8ff6-pc43-jwv3"},{"type":"REPORT","url":"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-53884"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-53884.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}