Vulnerability in Yugabytedb Inc
CVE-2025-8863
YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data during transmission
EPSS: 0.002 (12.3th percentile) — read the EPSS interpretation.
Affected products
- Yugabytedb Inc — versions 2024.1.0, 2.20.0.0, 2.23.0.0
Weakness classification (CWE)
Public proof-of-concept exploits
References
Frequently asked questions
- What is CVE-2025-8863?
- CVE-2025-8863 is a vulnerability in Yugabytedb Inc, classified under Cleartext Transmission of Sensitive Information. Published 2025-08-11.
- Is CVE-2025-8863 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.