CVE-2025-67900 | NXLog Agent up to 6.10 Environment Variable OPENSSL_CONF inclusion of functionality from untrusted control sphere

A vulnerability described as problematic has been identified in NXLog Agent up to 6.10. This affects an unknown function of the component Environment Variable Handler. The manipulation of the argument OPENSSL_CONF results in inclusion of functionality from untrusted control sphere.

This vulnerability is reported as CVE-2025-67900. The attack requires a local approach. No exploit exists.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More