HIGH🇵🇱 Wersja polska

CVE-2025-67745

CVSS 7.1v3.1pub. 2025-12-18upd. 2026-03-05

MyHoard is a daemon for creating, managing and restoring MySQL backups. Starting in version 1.0.1 and prior to version 1.3.0, in some cases, myhoard logs the whole backup info, including the encryption key. Version 1.3.0 fixes the issue. As a workaround, direct logs into /dev/null.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
  • Aiven Myhoard

    APP
    Aiven
    1.0.1 – 1.3.0 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-55283CRITICAL9.1PL ✓ten sam vendor

Privilege escalation do superuser w Aiven-Db-Migrate przez złośliwy dump PostgreSQL

CVE-2025-55282CRITICAL9.1PL ✓ten sam vendor

Privilege escalation do superużytkownika PostgreSQL w aiven-db-migrate

CVE-2026-25999HIGH7.1ten sam vendor

Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to 2.10.2, there is an impr...

CVE-2023-32305HIGH8.8ten sam vendor

aiven-extras is a PostgreSQL extension. Versions prior to 1.1.9 contain a privilege escalation vulnerability, ...

CVE-2026-39961MEDIUM6.8ten sam vendor

Aiven Operator allows you to provision and manage Aiven Services from your Kubernetes cluster. From 0.31.0 to ...