← back
CVE-2025-10262

An unsanitized format validation vulnerability in Nokia SR Linux

CVSS 6.3 MEDIUMEPSS 0.1%CWE-134
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.3EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
16 Jun 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Nokia SR Linux is vulnerable to local privilege escalation vulnerability due to unsanitized format validation. Successful exploitation of this vulnerability may allow an authenticated user to execute arbitrary commands with superuser privileges.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H
Affected products
Nokia · SR Linux

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-10262/