CVE-2025-61141

High · RCE

Published: 30 October 2025

Modified: 15 April 2026
CVSS Score v3.1: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
EPSS Score: 0.0058 (69.4th percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-61141 is a high-severity Command Injection (CWE-77) vulnerability in Dw1 (inferred from references). Its CVSS base score is 7.5 (High).

Operationally, it ranks in the top 30.6% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog.

Deeper analysis

sqls-server/sqls version 0.2.28 is affected by a command injection vulnerability in the config command. The openEditor function passes the EDITOR environment variable and the configuration file path directly to sh -c without sanitization, enabling arbitrary command execution and corresponding to CWE-77.
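To make the described sink concrete, the added Go example below (illustrative code written for this page, not sqls's own openEditor) places the vulnerable pattern beside a hardened one. buildShellCommand joins the editor setting and the config path into one string for `sh -c`, so shell metacharacters in either value are parsed by the shell; buildSafeCommand splits the EDITOR value into an argument vector and appends the path as its own argv element, so no shell is involved and the path reaches the editor verbatim. The function names and the sample values are assumptions made for the demonstration.

```go
package main

import (
	"errors"
	"fmt"
	"os/exec"
	"strings"
)

// buildShellCommand reproduces the vulnerable pattern the advisory describes:
// the editor (taken from $EDITOR) and the config path are joined into one
// string and handed to `sh -c`. The shell then parses that string, so any
// metacharacter in either value (";", "|", "$(...)", backticks) is executed
// rather than treated as data. Hypothetical illustration, not sqls's code.
func buildShellCommand(editor, path string) *exec.Cmd {
	return exec.Command("sh", "-c", editor+" "+path)
}

// buildSafeCommand is the hardened form: no shell is involved. The editor
// value is split on whitespace so that "code --wait" style settings still
// work, and the path is appended as its own argv element, so the kernel
// receives it verbatim and nothing ever interprets it.
// Caveat: whitespace splitting does not honour quoting inside EDITOR; a
// value like `"my editor" --flag` would need a proper tokenizer.
func buildSafeCommand(editor, path string) (*exec.Cmd, error) {
	fields := strings.Fields(editor)
	if len(fields) == 0 {
		return nil, errors.New("EDITOR is empty or unset")
	}
	args := make([]string, 0, len(fields))
	args = append(args, fields[1:]...)
	args = append(args, path)
	return exec.Command(fields[0], args...), nil
}

func main() {
	// Constructed sample values: `printf` stands in for an editor so the
	// demo runs non-interactively, and the path carries a metacharacter
	// sequence that must never be interpreted.
	editor := "printf %s\\n"
	path := "/tmp/config.yml; echo INJECTED"

	vuln := buildShellCommand(editor, path)
	fmt.Printf("vulnerable argv: %q\n", vuln.Args)

	safe, err := buildSafeCommand(editor, path)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Printf("hardened argv:   %q\n", safe.Args)

	// The hardened command prints the path as a single literal argument;
	// the "; echo INJECTED" suffix is data, not a command.
	if out, err := safe.Output(); err == nil {
		fmt.Printf("hardened output: %s", out)
	}
}
```

The argv comparison is the whole point: in the vulnerable form the third element is one shell string containing both values, while in the hardened form the path is an isolated element that the editor receives as a file name. The same argv-over-shell rule applies to any program that spawns a helper from an environment variable or a user-supplied path.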

An unauthenticated remote attacker can trigger the flaw over the network without user interaction to achieve integrity impacts on the target system, consistent with the assigned CVSS 3.1 score of 7.5.

Public references containing further advisory and patch information are located at https://advisory.dw1.io/54/, https://github.com/sqls-server/sqls/, and https://lukmanern.github.io/CVE-2025-61141.html.

The associated EPSS score rose materially from a low baseline to a peak of 0.0201 on 2026-01-13 before receding to the current value of 0.0058.

Vulnerability details

sqls-server/sqls 0.2.28 is vulnerable to command injection in the config command because the openEditor function passes the EDITOR environment variable and config file path to sh -c without sanitization, allowing attackers to execute arbitrary commands.

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Dw1
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
