PT-2025-42814 · Orjson+2

Published: 2025-10-20 · Updated: 2025-10-21 · CVE-2025-61301

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions
CAPEv2 versions prior to commit 52e4b43 on 2025-05-17

Description
The software contains a flaw that allows attackers who can submit samples to cause incomplete or missing behavioral analysis reports. This occurs by generating deeply nested or oversized behavior data that triggers MongoDB BSON limits or orjson recursion errors when a sample executes within the sandbox environment. The issue affects the reporting/mongodb.py and reporting/jsondump.py components.

Recommendations
Update to CAPEv2 commit 52e4b43 or a later version.
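
A defensive pre-flight check for the failure mode in the description, as an added example that is not CAPEv2's code or its fix: it measures nesting depth and approximate size before a report reaches the MongoDB or JSON reporting step, so an oversized report can be flagged instead of silently lost. The limits and the names `nesting_depth`, `check_report` and `build_nested` are assumptions of this example.

```python
import json

# Assumed limits (not from the advisory): MongoDB documents a 16 MiB BSON
# document cap and 100 levels of nesting; orjson documents its own recursion
# cap (254 levels). Verify against the versions you deploy.
MAX_BSON_BYTES = 16 * 1024 * 1024
MAX_DEPTH = 100

def nesting_depth(obj):
    """Depth of nested dicts/lists in acyclic data, computed iteratively so
    the check itself cannot hit Python's recursion limit on hostile input."""
    deepest, stack = 0, [(obj, 1)]
    while stack:
        node, depth = stack.pop()
        if isinstance(node, dict):
            children = node.values()
        elif isinstance(node, (list, tuple)):
            children = node
        else:
            continue
        deepest = max(deepest, depth)
        stack.extend((child, depth + 1) for child in children)
    return deepest

def check_report(report, max_depth=MAX_DEPTH, max_bytes=MAX_BSON_BYTES):
    """Return the reasons a report would fail to store; empty list means OK."""
    depth = nesting_depth(report)
    if depth > max_depth:
        # Stop here: serialising this structure would recurse too deep.
        return [f"nesting depth {depth} exceeds {max_depth}"]
    # JSON length is only a rough stand-in for the BSON-encoded size.
    size = len(json.dumps(report, default=str).encode("utf-8"))
    if size > max_bytes:
        return [f"serialised size {size} exceeds {max_bytes}"]
    return []

def build_nested(levels):
    """Constructed test input: a dict chain `levels` children deep."""
    root = node = {"call": "root"}
    for _ in range(levels):
        node["child"] = {"call": "x"}
        node = node["child"]
    return root

# Constructed sample, not real sandbox output.
NORMAL = {"behavior": {"processes": [{"pid": 4, "calls": [{"api": "NtCreateFile"}]}]}}
```

A non-empty result is a signal to truncate or split the behavior data and to record that the report is incomplete, rather than letting the reporting module fail.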

Exploit

Fix

Resource Exhaustion


Weakness Enumeration

Related Identifiers

CVE-2025-61301

Affected Products

CAPEv2
MongoDB
Orjson