CVE-2025-8865

Name of the Vulnerable Software and Affected Versions: YugabyteDB (affected versions not specified)

Description: The YugabyteDB tablet server has a flaw in its YCQL query handling that can trigger a null pointer dereference when processing certain malformed inputs. An authenticated attacker could exploit this issue to crash the YCQL tablet server, resulting in a denial of service.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.