CVE-2025-66648

Severity: High · Public PoC available

Published: 05 January 2026
Modified: 05 February 2026
KEV Added: not listed
Patch: available (vega-functions 6.1.1)

CVSS v3.1 base score: 7.2 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)
EPSS score: 0.0003 (8.8th percentile)
Risk priority: 14 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-66648 is a high-severity cross-site scripting (CWE-79) vulnerability in the vega-functions package (Vega-Functions Project). Its CVSS v3.1 base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 8.8th percentile by EPSS exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a publicly referenced proof-of-concept.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-66648 is a cross-site scripting (XSS) vulnerability, classified under CWE-79, affecting the vega-functions package, which provides the function implementations for the Vega expression language. Versions prior to 6.1.1 are vulnerable on sites that pass untrusted user input into Vega expressions: a crafted expression can reach an internal function that is not part of the public API, leading to execution of unintended JavaScript. The vulnerability carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N); the high severity reflects network accessibility, low attack complexity, no required privileges or user interaction, and a scope change.

Attackers can exploit this vulnerability remotely without authentication or user interaction by injecting malicious input into Vega expressions on affected sites. Successful exploitation allows execution of arbitrary JavaScript in the context of the victim's browser, potentially leading to session hijacking, data theft, or further compromise, with low confidentiality and integrity impacts but no availability disruption.

The GitHub Security Advisory (GHSA-m9rg-mr6g-75gm) confirms the issue is fixed in vega-functions version 6.1.1, recommending immediate upgrade as the sole mitigation. No workarounds exist, and using vega.expressionInterpreter in CSP safe mode does not prevent exploitation.

Vulnerability details

vega-functions provides function implementations for the Vega expression language. Prior to version 6.1.1, for sites that allow users to supply untrusted user input, malicious use of an internal function (not part of the public API) could be used to run unintentional JavaScript (XSS). This issue is fixed in vega-functions `6.1.1`. There is no workaround besides upgrading. Using `vega.expressionInterpreter` as described in CSP safe mode does not prevent this issue.

CWE(s)

CWE-79 Cross-site Scripting

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-assigned)

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1059.007 JavaScript (Execution): Adversaries may abuse various implementations of JavaScript for execution.

Why these techniques?

XSS in a public-facing Vega deployment directly enables remote, unauthenticated exploitation (T1190), resulting in arbitrary JavaScript execution in the victim's browser (T1059.007).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-3231 (shared CWE-79)
CVE-2025-23481 (shared CWE-79)
CVE-2025-69302 (shared CWE-79)
CVE-2025-23734 (shared CWE-79)
CVE-2025-23571 (shared CWE-79)
CVE-2025-65110 (shared CWE-79)
CVE-2026-24948 (shared CWE-79)
CVE-2025-27352 (shared CWE-79)
CVE-2025-30349 (shared CWE-79)
CVE-2026-3876 (shared CWE-79)

Affected Assets

Vendor: vega-functions project
Product: vega-functions
Affected versions: < 6.1.1 (fixed in 6.1.1)

Mitigating Controls

Mitigating Controls (NIST 800-53 r5, AI-assigned)

SI-10 Information Input Validation (prevent): Directly requires validation and sanitization of untrusted Vega expressions to block the internal-function XSS payload before JavaScript execution.

SI-2 Flaw Remediation (prevent): Mandates timely application of the vega-functions 6.1.1 patch that removes the exploitable internal function.

SC-18 Mobile Code (partial match, prevent): Restricts acceptance and execution of mobile code (JavaScript) originating from untrusted user-supplied Vega expressions.