What is the CVSS score of CVE-2025-59464?

CVE-2025-59464 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.1%.

Which versions of TLS are affected by CVE-2025-59464?

CVE-2025-59464 presents notable security risk, a resource exhaustion vulnerability rated CVSS 7.5.. A patch is available.

How to fix or mitigate CVE-2025-59464?

Within 7 days: Identify all affected systems and apply vendor patches promptly. Monitor vendor channels for patch availability.

TLS CVE-2025-59464

HIGH

Uncontrolled Resource Consumption (CWE-400)

2026-01-20 support@hackerone.com

Denial Of Service TLS Node.js OpenSSL Red Hat Node.Js Suse

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Patch released

Apr 06, 2026 - 20:30 nvd

Patch available

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

CVE Published

Jan 20, 2026 - 21:16 nvd

HIGH 7.5

DescriptionNVD

A memory leak in Node.js’s OpenSSL integration occurs when converting X.509 certificate fields to UTF-8 without freeing the allocated buffer. When applications call socket.getPeerCertificate(true), each certificate field leaks memory, allowing remote clients to trigger steady memory growth through repeated TLS connections. Over time this can lead to resource exhaustion and denial of service.

AnalysisAI

A memory leak in Node.js’s OpenSSL integration occurs when converting X.509 certificate fields to UTF-8 without freeing the allocated buffer. [CVSS 7.5 HIGH]

Technical ContextAI

Classified as CWE-400 (Uncontrolled Resource Consumption). Affects Node.Js. A memory leak in Node.js’s OpenSSL integration occurs when converting X.509 certificate fields to UTF-8 without freeing the allocated buffer. When applications call socket.getPeerCertificate(true), each certificate field leaks memory, allowing remote clients to trigger steady memory growth through repeated TLS connections. Over time this can lead to resource exhaustion and denial of service.

RemediationAI

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

More from same product – last 7 days

CVE-2026-44050 CRITICAL Act Now

9.9 May 21

Heap buffer overflow in the Netatalk cnid_metad daemon's comm_rcv() function allows remote attackers with low-level priv

CVE-2026-44048 HIGH This Week

8.8 May 21

Stack-based buffer overflow in Netatalk versions 2.0.4 through 4.4.2 allows authenticated remote attackers to corrupt me

CVE-2026-44047 HIGH This Week

8.8 May 21

SQL injection in Netatalk 3.1.0 through 4.4.2 allows authenticated remote attackers to compromise the MySQL-backed CNID

CVE-2026-44051 HIGH This Week

8.1 May 21

Arbitrary file read in Netatalk 3.0.2 through 4.4.2 allows authenticated remote attackers to create attacker-controlled

CVE-2026-9277 HIGH This Week

8.1 May 22

Command injection in the shell-quote npm package allows attackers who can influence object-token inputs to inject arbitr

Vendor StatusVendor

CVE-2025-59464 vulnerability details – vuln.today

Back

TLS CVE-2025-59464

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

More from same product – last 7 days

Vendor StatusVendor

Share

External POC / Exploit Code