What is CVE-2025-5089?

CVE-2025-5089 is a medium-severity vulnerability, classified under Improper Input Validation. CVSS score: 6.5/10. Published 2026-06-05.

How severe is CVE-2025-5089?

Medium severity. CVSS v3 base score is 6.5 out of 10.

CVE-2025-5089

CVE-2025-5089

In a CVX cluster, an EOS switch connected to a CVX server is not resilient to certain malformed messages received from the connected CVX server. Similarly, the CVX server is not resilient to certain malformed messages received from the con…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

psirt@arista.com

Frequently asked questions

What is CVE-2025-5089?: CVE-2025-5089 is a medium-severity vulnerability, classified under Improper Input Validation. CVSS score: 6.5/10. Published 2026-06-05.
How severe is CVE-2025-5089?: Medium severity. CVSS v3 base score is 6.5 out of 10.