What is CVE-2025-11919?

CVE-2025-11919 is a critical-severity vulnerability in Wolfram Research Inc. Cloud, classified under CWE-552 FILES OR DIRECTORIES ACCESSIBLE TO EXTERNAL PARTIES. CVSS score: 9.6/10. Published 2026-06-26.

How severe is CVE-2025-11919?

Critical severity. CVSS v3 base score is 9.6 out of 10.

Vulnerability in Wolfram Research Inc. Cloud

CVE-2025-11919

The default JVM can access files and directories under `/tmp/` including the `$TemporaryDirectory` of other users on the same cloud instance (`/tmp/UserTemporaryFiles/`). The `-init` file for the the JVM initialization exists in the vulne…

CVSS v3 metric

CVSS v3 base score 9.6 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N.

Affected products

Wolfram Research Inc. Cloud — versions 14.2

References

cret@cert.org
af854a3a-2127-422b-91ae-364da2661108

Frequently asked questions

What is CVE-2025-11919?: CVE-2025-11919 is a critical-severity vulnerability in Wolfram Research Inc. Cloud, classified under CWE-552 FILES OR DIRECTORIES ACCESSIBLE TO EXTERNAL PARTIES. CVSS score: 9.6/10. Published 2026-06-26.
How severe is CVE-2025-11919?: Critical severity. CVSS v3 base score is 9.6 out of 10.