cbcvebase.
CVE-2025-9615
published 2026-01-26

CVE-2025-9615: A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to…

PriorityP416low3.3CVSS 3.0
AVLACLPRLUINSUCLINAN
EPSS
0.16%
5.8th percentile
A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.

Affected

2 ranges
VendorProductVersion rangeFixed in
debiannetwork-manager< network-manager 1.54.3-1 (forky)network-manager 1.54.3-1 (forky)
network-manager_projectnetwork-manager>= 0 < 1.54.3-11.54.3-1

CVSS provenance

nvdv3.03.3LOWCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
osv3.3LOW
vendor_debian3.3LOW
vendor_redhat3.3LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.