Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network.
Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild.
Microsoft is preparing and fully testing a comprehensive update to address this vulnerability.  In the meantime, please make sure that the mitigation provided in this CVE documentation is in place so that you are protected from exploitation.

CVE-2025-53770

The NVIDIA Container Toolkit is a set of libraries that provide capabilities for leveraging the full potentials of NVIDIA GPUs within containers. It allows GPU-accelerated applications to be defined as Docker containers, functioning as a lightweight, stand-alone, executable package.

NVIDIA Container Toolkit

NVIDIA GPU Operator is a Kubernetes operator that simplifies and automates the management of NVIDIA GPUs in containerized environments. It handles the deployment and configuration of GPU drivers, device plugins, and monitoring tools on Kubernetes clusters. The GPU Operator enables seamless integration of GPU-accelerated workloads in cloud-native applications, making it easier for developers and administrators to leverage NVIDIA GPUs for AI, machine learning, and high-performance computing tasks.

NVIDIA GPU Operator

NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service.

CVE-2025-23267

Linux

Linux Kernel

Red Hat Enterprise Linux is a Linux distribution developed by Red Hat for the commercial market.

Linux Red Hat

The Amazon Linux is a supported and maintained Linux image provided by Amazon Web Services for use on Amazon Elastic Compute Cloud (Amazon EC2).

Amazon Linux

NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.

CVE-2025-23266

Chainguard

Red Hat

Red Hat Errata

Wolfi

SugarCRM is a customer relationship management (CRM) system, providing sales force automation, marketing campaigns, customer support, collaboration, and other tools to manage customer data.

SugarCRM

A PHP object injection vulnerability exists in SugarCRM versions prior to 6.5.24, 6.7.13, 7.5.2.5, 7.6.2.2, and 7.7.1.0 due to improper validation of PHP serialized input in the SugarRestSerialize.php script. The vulnerable code fails to sanitize the rest_data parameter before passing it to the unserialize() function. This allows an unauthenticated attacker to submit crafted serialized data containing malicious object declarations, resulting in arbitrary code execution within the application context. Although SugarCRM released a prior fix in advisory sugarcrm-sa-2016-001, the patch was incomplete and failed to address some vectors.

CVE-2025-25034

Windows

Windows Cumulative Update

Teleport is an open-source security tool that provides developers and system administrators with secure access to infrastructure resources such as servers (SSH) and Kubernetes clusters (K8s). It enforces role-based access control, supports various authentication methods, and captures audit logs for user sessions and actions. Teleport's focus on secure access, access control, and auditing makes it an essential solution for managing and securing modern infrastructure.

Teleport

Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At time of posting, there is no available open-source patch.

CVE-2025-49825

GoLang

GitHub Advisory Database

JavaScript is a high-level, interpreted programming language essential for creating interactive web applications, running directly in web browsers to enable dynamic content and user interface enhancements. It is integral to the web development stack, working seamlessly with HTML and CSS to build responsive and feature-rich websites.

JavaScript

GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below,   attackers can inject extra commits into the pack sent to GitHub, commits that aren’t pointed to by any branch. Although these “hidden” commits never show up in the repository’s visible history, GitHub still serves them at their direct commit URLs. This lets an attacker exfiltrate sensitive data without ever leaving a trace in the branch view. We rate this a High‑impact vulnerability because it completely compromises repository confidentiality. This is fixed in version 1.19.2.

CVE-2025-54586

GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can exploit the way GitProxy handles new branch creation to bypass the approval of prior commits on the parent branch. The vulnerability impacts all users or organizations relying on GitProxy to enforce policy and prevent unapproved changes. It requires no elevated privileges beyond regular push access, and no extra user interaction. It does however, require a GitProxy administrator or designated user (canUserApproveRejectPush) to approve pushes to the child branch. This is fixed in version 1.19.2.

CVE-2025-54585

GitProxy is an application that stands between developers and a Git remote endpoint (e.g., github.com). In versions 1.19.1 and below, an attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts file. By embedding a misleading PACK signature within commit content and carefully constructing the packet structure, the attacker can trick the parser into treating invalid or unintended data as the packfile. Potentially, this would allow bypassing approval or hiding commits. This issue is fixed in version 1.19.2.

CVE-2025-54584

GitProxy is an application that stands between developers and a Git remote endpoint (e.g., github.com). Versions 1.19.1 and below allow users to push to remote repositories while bypassing policies and explicit approvals. Since checks and plugins are skipped, code containing secrets or unwanted changes could be pushed into a repository. This is fixed in version 1.19.2.

CVE-2025-54583

Rust is a multi-paradigm programming language focused on performance and safety, especially safe concurrency.

Rust

vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 and below, untrusted data is extracted from the user-controlled HTTP Proxy-Authorization header and passed to Extension::try_from and flows into parse_ttl_extension where it is parsed as a TTL value. If an attacker supplies a TTL of zero (e.g. by using a username such as 'configuredUser-ttl-0'), the modulo operation 'timestamp % ttl' will cause a division by zero panic, causing the server to crash causing a denial-of-service. This is fixed in version 2.4.0.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-53770	CRITICAL	9.8	N/A	N/A	Yes	Yes	Jul 20, 2025
CVE-2025-23267	HIGH	8.5	NVIDIA Container Toolkit	cpe:2.3:a:nvidia:nvidia_container_toolkit	No	Yes	Jul 17, 2025
CVE-2025-23266	CRITICAL	9	NVIDIA Container Toolkit	nvidia-container-toolkit	No	Yes	Jul 17, 2025
CVE-2025-25034	CRITICAL	9.3	SugarCRM	cpe:2.3:a:sugarcrm:sugarcrm	No	Yes	Jun 20, 2025
CVE-2025-49825	CRITICAL	9.8	Teleport	cpe:2.3:a:goteleport:teleport	No	Yes	Jun 17, 2025

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-54586	HIGH	7.1	JavaScript	@finos/git-proxy	No	Yes	Jul 30, 2025
CVE-2025-54585	HIGH	8.2	JavaScript	@finos/git-proxy	No	Yes	Jul 30, 2025
CVE-2025-54584	HIGH	7	JavaScript	@finos/git-proxy	No	Yes	Jul 30, 2025
CVE-2025-54583	HIGH	8.3	JavaScript	@finos/git-proxy	No	Yes	Jul 30, 2025
CVE-2025-54581	HIGH	7.5	Rust	vproxy	No	Yes	Jul 30, 2025

Wiz Vulnerability Database

Explore by technology

Popular filters

High Profile

Most Recent

Vulnerabilities by the numbers

The good, the bad, and the vulnerable

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?