CVE-2025-62782

Name of the Vulnerable Software and Affected Versions InventoryGui versions 1.6.3-SNAPSHOT and earlier

Description InventoryGui, a library for creating chest GUIs for Bukkit/Spigot plugins, contains an issue where GUIs utilizing GuiStorageElement may allow item duplication when the experimental Bundle item feature is enabled on the server. The issue impacts any plugin using the GuiStorageElement when used on a server with the Bundle items experiment enabled.

Recommendations Update to version 1.6.4-SNAPSHOT. Disable the experimental Bundle items feature on the server. Avoid using the GuiStorageElement in GUIs.