Vulnerability in Phoenix616 Inventorygui

CVE-2025-62784

InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions before 1.6.5 contain a vulnerability where any plugin using a GUI with the GuiStorageElement and allows taking out items out of that element can allow it…

EPSS: 0.000 (3.6th percentile) — read the EPSS interpretation.

Affected products

Phoenix616 Inventorygui — versions < 1.6.5

Weakness classification (CWE)

CWE-837

References

https://github.com/Phoenix616/InventoryGui/security/advisories/GHSA-7whh-79j3-7c55 (x_refsource_CONFIRM)
https://github.com/Phoenix616/InventoryGui/commit/690fc91d137c6cc04f6ed3a89449050964dd8cb9 (x_refsource_MISC)