Vulnerability Details CVE-2025-27531
Deserialization of Untrusted Data vulnerability in Apache InLong.
This issue affects Apache InLong: from 1.13.0 before 2.1.0,
this issue would allow an authenticated attacker to read arbitrary files by double writing the param.
Users are recommended to upgrade to version 2.1.0, which fixes the issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.4%
CVSS Severity
CVSS v3 Score 9.8
References