Vulnerability Details CVE-2025-46171
vBulletin 3.8.7 is vulnerable to a denial-of-service condition via the misc.php?do=buddylist endpoint. If an authenticated user has a sufficiently large buddy list, processing the list can consume excessive memory, exhausting system resources and crashing the forum.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.9%
CVSS Severity
CVSS v3 Score 5.4