Skip to main content

Minecraft RCON Terminal CVE-2025-61680

| EUVDEUVD-2025-33194 MEDIUM
Plaintext Storage of a Password (CWE-256)
2025-10-03 security-advisories@github.com
6.6
CVSS 4.0 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
6.6 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None

Lifecycle Timeline

4
Patch available
Apr 16, 2026 - 05:29 EUVD
2.1.0
EUVD ID Assigned
Mar 13, 2026 - 19:29 euvd
EUVD-2025-33194
Analysis Generated
Mar 13, 2026 - 19:29 vuln.today
CVE Published
Oct 03, 2025 - 22:15 nvd
MEDIUM 6.6

DescriptionGitHub Advisory

Minecraft RCON Terminal is a VS Code extension that streamlines Minecraft server management. Versions 0.1.0 through 2.0.6 stores passwords using VS Code's configuration API which writes to settings.json in plaintext. This issue is fixed in version 2.1.0.

AnalysisAI

A security vulnerability in plaintext. This issue is fixed in (CVSS 6.6). Remediation should follow standard vulnerability management procedures.

Technical ContextAI

Vulnerability type not specified by vendor. Affects plaintext. This issue is fixed in.

RemediationAI

Monitor vendor channels for patch availability.

Share

CVE-2025-61680 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy