PT-2026-3646 · Qos.Ch · Logback-Core

Google Fuzz +1 · Published 2026-01-01 · Updated 2026-05-20 · CVE-2026-1225

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

logback-core versions prior to 1.5.25

Description

A configuration file processing issue exists in QOS.CH logback-core, potentially allowing an attacker to instantiate classes already present on the system's class path by manipulating a logback configuration file. Successful exploitation requires write access to a configuration file and the presence of a malicious Java class on the user's class path. After instantiation, the instance is likely discarded.

Recommendations

Update to logback-core version 1.5.25 or later.

Fix

RCE

Weakness Enumeration

Related Identifiers

CLEANSTART-2026-CF62516
CLEANSTART-2026-CI66802
CLEANSTART-2026-DD05788
CLEANSTART-2026-DO09088
CLEANSTART-2026-EP51501
CLEANSTART-2026-EZ90321
CLEANSTART-2026-GH89210
CLEANSTART-2026-HQ78610
CLEANSTART-2026-IS05941
CLEANSTART-2026-JK47870
CLEANSTART-2026-KM27583
CLEANSTART-2026-KU61465
CLEANSTART-2026-LE11246
CLEANSTART-2026-LO22603
CLEANSTART-2026-RD06185
CLEANSTART-2026-RM01950
CLEANSTART-2026-RN56220
CLEANSTART-2026-SP91806
CLEANSTART-2026-TX96881
CLEANSTART-2026-VH41554
CVE-2026-1225
GHSA-QQPG-MVQG-649V
OPENSUSE-SU-2026:10114-1
SUSE-SU-2026:0361-1

Affected Products

Logback-Core