Vulnerability in Nationalsecurityagency Emissary
CVE-2025-27508
Emissary is a P2P based data-driven workflow engine. The ChecksumCalculator class within allows for hashing and checksum generation, but it includes or defaults to algorithms that are no longer recommended for secure cryptographic use case…
Vulnerability class: POODLE (CVE-2014-3566)
EPSS: 0.001 (32.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N.
Affected products
- Nationalsecurityagency Emissary — versions < 8.24.0
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2025-27508?
- CVE-2025-27508 is a high-severity vulnerability in Nationalsecurityagency Emissary, classified under Use of a Broken or Risky Cryptographic Algorithm. CVSS score: 7.5/10. Published 2025-03-05.
- How severe is CVE-2025-27508?
- High severity. CVSS v3 base score is 7.5 out of 10.