← back
CVE-2025-64695

CVE-2025-64695

CVSS 8.4 HIGHEPSS 0.1%CWE-427
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.4EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
21 Nov 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Uncontrolled search path element issue exists in the installer of LogStare Collector (for Windows). If exploited, arbitrary code may be executed with the privilege of the user invoking the installer.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
LogStare Inc. · Installer of LogStare Collector (for Windows)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jvn.jp/en/jp/JVN77560819/https://www.logstare.com/vulnerability/2025-001/