CVE-2025-58450
Published: 08 September 2025
Summary
CVE-2025-58450 is a critical-severity SQL Injection (CWE-89) vulnerability. Its CVSS base score is 9.3 (Critical).
Operationally, ranked at the 18.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-27177
Vulnerability details
pREST (PostgreSQL REST), is an API that delivers an application on top of a Postgres database. SQL injection is possible in versions prior to 2.0.0-rc3. The validation present in versions prior to 2.0.0-rc3 does not provide adequate protection from injection…
more
attempts. Version 2.0.0-rc3 contains a patch to mitigate such attempts.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.