CVE-2025-46171
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2025-46171. We'll provide specific mitigation strategies based on your environment and risk profile.
Description
vBulletin 3.8.7 is vulnerable to a denial-of-service condition via the misc.php?do=buddylist endpoint. If an authenticated user has a sufficiently large buddy list, processing the list can consume excessive memory, exhausting system resources and crashing the forum.
Available Exploits
Related News
EU Vulnerability Database
Monitored by ENISA for EU cybersecurity
ENISA Analysis
vBulletin 3.8.7 is vulnerable to a denial-of-service condition via the misc.php?do=buddylist endpoint. If an authenticated user has a sufficiently large buddy list, processing the list can consume excessive memory, exhausting system resources and crashing the forum.
Affected Products (ENISA)
ENISA Scoring
CVSS Score (3.1)
ENISA References
Data provided by ENISA EU Vulnerability Database. Last updated: July 23, 2025
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
References
Advisory provided by GitHub Security Advisory Database. Published: July 23, 2025, Modified: July 23, 2025