CVE-2025-22166

CWE-405, 3 documents, 3 sources
Severity
8.3 HIGH
EPSS
0.1%
top 74.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Oct 21

Description

This High severity DoS (Denial of Service) vulnerability was introduced in version 2.0 of Confluence Data Center. This DoS (Denial of Service) vulnerability, with a CVSS Score of 8.3, allows an attacker to cause a resource to be unavailable for its intended users by temporarily or indefinitely disrupting services of a host connected to a network. Atlassian recommends that Confluence Data Center customers upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H

Affected Packages (3 packages)

NVD atlassian/confluence_data_center 8.5.0 8.5.25 +2
CVEListV5 atlassian/confluence_data_center 12 versions +11
NVD atlassian/confluence_server 8.5.0 8.5.25 +2

Vulnerability Details (2)
GHSA
GHSA-879m-mhmf-vg5r: This High severity DoS (Denial of Service) vulnerability was introduced in version 2 (2025-10-21)
CVEList
CVE-2025-22166: This High severity DoS (Denial of Service) vulnerability was introduced in version 2 (2025-10-21)