{"id":"CVE-2025-66422","details":"Tryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back (server setup) information. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.","aliases":["GHSA-jqfc-9q34-prhg"],"modified":"2026-03-13T03:41:39.159467Z","published":"2025-11-30T03:15:47.970Z","references":[{"type":"ADVISORY","url":"https://discuss.tryton.org/t/security-release-for-issue-14354/8950"},{"type":"REPORT","url":"https://foss.heptapod.net/tryton/tryton/-/issues/14354"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"6.0.0"},{"fixed":"6.0.70"}]},{"events":[{"introduced":"7.0.0"},{"fixed":"7.0.40"}]},{"events":[{"introduced":"7.4.0"},{"fixed":"7.4.21"}]},{"events":[{"introduced":"7.6.0"},{"fixed":"7.6.11"}]},{"events":[{"introduced":"0"},{"fixed":"7.6.11"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-66422.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}]}