Vulnerability in Oracle GraalVM for JDK Product by Oracle
CVE-2025-61755

3.7LOW

Key Information:

Vendor: Oracle
Status: Oracle Graalvm For Jdk
Vendor: CVE Published:; 21 October 2025

What is CVE-2025-61755?

A vulnerability exists in Oracle GraalVM for JDK that could enable an unauthorized attacker to gain access to sensitive data. Affected versions, specifically Oracle GraalVM for JDK 17.0.16 and 21.0.8, may be exploited through network access, potentially allowing attackers to read unauthorized subsets of accessible data. This vulnerability highlights the importance of securing network interfaces and ensuring data confidentiality.

Affected Version(s)

Oracle GraalVM for JDK 17.0.16

Oracle GraalVM for JDK 21.0.8

References

https://www.oracle.com/security-alerts/cpuoct2025.html

vendor-advisory

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 21, 2025
Vulnerability Reserved
Sep 30, 2025

JSON