CVE-2025-27616

CVSS 3.1 Score 8.5 of 10 (high)

Details

Published Mar 10, 2025
CWE ID 290
CWE ID 345

Summary

CVE-2025-27616 is a vulnerability affecting Vela, a Linux container-based CI/CD framework written in Golang, prior to versions 0.25.3 and 0.26.3. An attacker can hijack repository ownership and exfiltrate repo-level secrets by spoofing a webhook payload with specific headers and body data. The vulnerability affects users who have enabled repositories containing CI secrets in Vela, and anyone with access to the CI instance and the linked source control manager can exploit it. Versions 0.25.3 and 0.26.3 address the issue; no workarounds are known.
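The weakness classes listed above (CWE-290, authentication bypass by spoofing, and CWE-345, insufficient verification of data authenticity) come down to a CI server acting on repository and owner fields from a webhook it has not authenticated. The Go snippet below is an added illustration of the standard defence, not Vela's code and not a description of Vela's actual fix: recompute an HMAC-SHA256 over the exact bytes received with a shared secret and compare it in constant time before trusting anything in the headers or body. The `sha256=` header convention and all sample values are assumptions.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

// signBody computes the sender-side signature header over the raw body
// ("sha256=" + hex HMAC-SHA256, the GitHub convention; an assumption here).
func signBody(secret, body []byte) string {
	mac := hmac.New(sha256.New, secret)
	mac.Write(body)
	return "sha256=" + hex.EncodeToString(mac.Sum(nil))
}

// verifyWebhookSignature recomputes the HMAC over the exact bytes received and
// compares it in constant time. Only after this succeeds may any field in the
// headers or body (repository name, owner, sender) be treated as authentic.
func verifyWebhookSignature(secret, body []byte, sigHeader string) error {
	const prefix = "sha256="
	if !strings.HasPrefix(sigHeader, prefix) {
		return errors.New("missing or malformed signature header")
	}
	want, err := hex.DecodeString(strings.TrimPrefix(sigHeader, prefix))
	if err != nil {
		return errors.New("signature is not valid hex")
	}
	mac := hmac.New(sha256.New, secret)
	mac.Write(body)
	if !hmac.Equal(want, mac.Sum(nil)) {
		return errors.New("signature mismatch: payload or header spoofed")
	}
	return nil
}

func main() {
	secret := []byte("constructed-shared-secret") // constructed sample value
	body := []byte(`{"repository":{"full_name":"org/repo"},"sender":{"login":"alice"}}`)
	sig := signBody(secret, body)
	fmt.Println("genuine:", verifyWebhookSignature(secret, body, sig))
	// Same signature header, but the body now claims a different sender: rejected.
	forged := []byte(`{"repository":{"full_name":"org/repo"},"sender":{"login":"mallory"}}`)
	fmt.Println("forged: ", verifyWebhookSignature(secret, forged, sig))
}
```

Any ownership or secret-scoping decision in the webhook handler must sit behind a successful return from the verifier; a request that fails it should be logged and dropped without touching repository state.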
