What is CVE-2025-62783?

CVE-2025-62783 is a medium-severity vulnerability in Phoenix616 Inventorygui, classified under CWE-837. CVSS score: 5.0/10. Published 2025-10-27.

How severe is CVE-2025-62783?

Medium severity. CVSS v3 base score is 5.0 out of 10.

Vulnerability in Phoenix616 Inventorygui

CVE-2025-62783

InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions 1.6.1-SNAPSHOT and earlier contain a vulnerability where any plugin using the `GuiStorageElement can allow item duplication when the experimental Bundle…

EPSS: 0.000 (3.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.0 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N.

Affected products

Phoenix616 Inventorygui — versions < 1.6.2-SNAPSHOT

Weakness classification (CWE)

CWE-837

References

https://github.com/Phoenix616/InventoryGui/security/advisories/GHSA-598q-jw82-5w66 (x_refsource_CONFIRM)
https://github.com/Phoenix616/InventoryGui/issues/48 (x_refsource_MISC)
https://github.com/Phoenix616/InventoryGui/commit/27a52ef6d934a1c232e110e0010e4aa810c27029 (x_refsource_MISC)

Frequently asked questions

What is CVE-2025-62783?: CVE-2025-62783 is a medium-severity vulnerability in Phoenix616 Inventorygui, classified under CWE-837. CVSS score: 5.0/10. Published 2025-10-27.
How severe is CVE-2025-62783?: Medium severity. CVSS v3 base score is 5.0 out of 10.