PT-2025-40064 · Unknown (+1) · Logback-Core (+2)
Heihu577
Published: 2025-10-01
Updated: 2026-04-28
CVE-2025-11226
CVSS v4.0: 5.9 (Medium)
| Vector | AV:L/AC:L/AT:P/PR:H/UI:P/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L |
Name of the Vulnerable Software and Affected Versions
logback-core versions up to and including 1.5.18
Description
A flaw exists in the conditional configuration file processing within logback-core, potentially allowing an attacker to execute arbitrary code. This is possible by compromising an existing logback configuration file or injecting a malicious environment variable before program execution. Successful exploitation requires the presence of the Janino library and the Spring Framework on the user's class path, as well as write access to a configuration file or the ability to inject a malicious environment variable. The issue involves the QOS.CH component.
Recommendations
Update logback-core to a version later than 1.5.18.
Fix
RCE
Affected Products
Janino
Spring Framework
Logback-Core