{"id":"CVE-2025-59792","details":"Reveals plaintext credentials in the MONITOR command vulnerability in Apache Kvrocks.\n\nThis issue affects Apache Kvrocks: from 1.0.0 through 2.13.0.\n\nUsers are recommended to upgrade to version 2.14.0, which fixes the issue.","modified":"2026-03-15T14:53:15.303941Z","published":"2025-11-28T15:16:03.140Z","references":[{"type":"ADVISORY","url":"https://lists.apache.org/thread/h2pcvr5p9otc7dnj2dt2nr4b3omghddw"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2025/11/28/3"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/kvrocks","events":[{"introduced":"b6733dccf07522ed29dc271b7fcf64ee0d68d47e"},{"fixed":"a71eb42f33f2a1fdb7a13184b5ad7dff0114aa37"}],"database_specific":{"versions":[{"introduced":"1.0.0"},{"fixed":"2.14.0"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-59792.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}