What is CVE-2025-69203?

CVE-2025-69203 is a medium-severity vulnerability in Signalk Signalk-server, classified under Authentication Bypass by Spoofing. CVSS score: 6.3/10. Published 2026-01-01.

How severe is CVE-2025-69203?

Medium severity. CVSS v3 base score is 6.3 out of 10.

Vulnerability in Signalk Signalk-server

CVE-2025-69203

Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.19.0 of the access request system have two related features that when combined by themselves and with an information disclosure vulnerability…

EPSS: 0.000 (5.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L.

Affected products

Signalk Signalk-server — versions < 2.19.0

Weakness classification (CWE)

CWE-290 — Authentication Bypass by Spoofing

References

https://github.com/SignalK/signalk-server/security/advisories/GHSA-vfrf-vcj7-wvr8 (x_refsource_CONFIRM)
https://github.com/SignalK/signalk-server/releases/tag/v2.19.0 (x_refsource_MISC)

Frequently asked questions

What is CVE-2025-69203?: CVE-2025-69203 is a medium-severity vulnerability in Signalk Signalk-server, classified under Authentication Bypass by Spoofing. CVSS score: 6.3/10. Published 2026-01-01.
How severe is CVE-2025-69203?: Medium severity. CVSS v3 base score is 6.3 out of 10.