Vulnerability in Sylabs Singularity

CVE-2025-64750

SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances…

EPSS: 0.001 (3.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.5 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2025-64750?
CVE-2025-64750 is a medium-severity vulnerability in Sylabs Singularity, classified under UNIX Symbolic Link (Symlink) Following. CVSS score: 4.5/10. Published 2025-12-02.
How severe is CVE-2025-64750?
Medium severity. CVSS v3 base score is 4.5 out of 10.