cbcvebase.
CVE-2025-48991
published 2025-06-25

CVE-2025-48991: Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a vulnerability present in Tuleap…

PriorityP420medium4.3CVSS 3.1
AVNACLPRNUIRSUCNILAN
EPSS
0.15%
4.3th percentile
Tuleap is an Open Source Suite to improve management of software developments and collaboration. An attacker could use a vulnerability present in Tuleap Community Edition prior to version 16.8.99.1748845907 and Tuleap Enterprise Edition prior to versions 16.8-3 and 16.7-5 to trick victims into changing the canned responses. Tuleap Community Edition 16.8.99.1748845907, Tuleap Enterprise Edition 16.8-3, and Tuleap Enterprise Edition 16.7-5 contain a fix for the vulnerability.

Affected

4 ranges
VendorProductVersion rangeFixed in
enaleantuleap< 16.8-316.8-3
enaleantuleap< 16.7-516.7-5
enaleantuleap< 16.8.99.174884590716.8.99.1748845907
enaleantuleap>= 16.8 < 16.8-316.8-3
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.