CVE-2018-25368
Published: 25 May 2026
Summary
CVE-2018-25368 is a high-severity Memory Allocation with Excessive Size Value (CWE-789) vulnerability in Nordvpn (inferred from references). Its CVSS base score is 8.7 (High).
Operationally, ranked at the 30.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2018-21891
Vulnerability details
Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting an excessively long string in the password field. Attackers can paste a buffer of repeated characters into the password input field…
more
to trigger an application crash when attempting to authenticate.
- CWE(s)
Related Threats
CVEs Like This One
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.