What is CVE-2025-54781?

CVE-2025-54781 is a low-severity vulnerability in Himmelblau-idm Himmelblau, classified under Insertion of Sensitive Information into Log File. CVSS score: 2.8/10. Published 2025-08-01.

How severe is CVE-2025-54781?

Low severity. CVSS v3 base score is 2.8 out of 10.

Information disclosure in Himmelblau-idm Himmelblau

CVE-2025-54781

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. When debugging is enabled for Himmelblau in version 1.0.0, the himmelblaud_tasks service leaks an Intune service access token to the system journal. This shor…

EPSS: 0.001 (19.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 2.8 (Low). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N.

Affected products

Himmelblau-idm Himmelblau — versions >= 1.0.0, < 1.1.0

Weakness classification (CWE)

CWE-532 — Insertion of Sensitive Information into Log File

References

https://github.com/himmelblau-idm/himmelblau/security/advisories/GHSA-78qg-vmrw-574w (x_refsource_CONFIRM)
https://github.com/himmelblau-idm/himmelblau/commit/2d512bded90ac6a54fcdf737b43ff5d9d4cdb59e (x_refsource_MISC)
https://github.com/himmelblau-idm/himmelblau/releases/tag/1.1.0 (x_refsource_MISC)

Frequently asked questions

What is CVE-2025-54781?: CVE-2025-54781 is a low-severity vulnerability in Himmelblau-idm Himmelblau, classified under Insertion of Sensitive Information into Log File. CVSS score: 2.8/10. Published 2025-08-01.
How severe is CVE-2025-54781?: Low severity. CVSS v3 base score is 2.8 out of 10.