API Misconfiguration Vulnerability in Open Xchange Products
CVE-2025-30188

7.5HIGH

Key Information:

Vendor: Open-xchange Gmbh
Status: Ox App Suite
Vendor: CVE Published:; 31 October 2025

🔔 Create Open-xchange Gmbh Vulnerability Alert

What is CVE-2025-30188?

This vulnerability allows malicious or inadvertent API requests to flood caches with excessive amounts of data. As a consequence, essential information required for the web frontend operation may be evicted, leading to potential disruptions in service availability. Users are advised to implement recommended updates and patch releases to mitigate this issue, although there are currently no known public exploits.

Affected Version(s)

OX App Suite 0 <= 2.1.7

References

https://documentation.open-xchange.com/appsuite/security/...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 31, 2025
Vulnerability Reserved
Mar 18, 2025

JSON