{"cve":{"cve_id":"CVE-2018-25042","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00928,"epss_percentile":0.55889,"epss_as_of":"2026-06-23","description":"A vulnerability classified as critical has been found in uTorrent. This affects an unknown part. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component.","published_at":"2022-06-17T04:45:33Z","last_modified_at":null,"cvss_v3_score":5.0,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"poc","ssvc_automatable":false,"ssvc_technical_impact":"partial","cwes":["CWE-119"],"nvd_references":["https://bugs.chromium.org/p/project-zero/issues/detail?id=1524","https://www.scmagazineuk.com/utorrent-apps-vulnerable-to-remote-code-execution-information-disclosure/article/746248/","https://vuldb.com/?id.113805"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:11:17.485507Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"H","value_label":"High"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"R","value_label":"Required"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"L","value_label":"Low"},{"metric":"I","name":"Integrity","value":"L","value_label":"Low"},{"metric":"A","name":"Availability","value":"L","value_label":"Low"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"unspecified","vendor_name":"unspecified","product_slug":"utorrent","product_name":"uTorrent","version_start":"n/a","version_start_inclusive":true,"version_end":"n/a","version_end_inclusive":true,"cpe23_uri":"cve5:unspecified:utorrent:n/a:n/a"}],"exploit_refs":[],"news":[],"references":[{"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1524","source_type":"MISC","tags":[]},{"url":"https://www.scmagazineuk.com/utorrent-apps-vulnerable-to-remote-code-execution-information-disclosure/article/746248/","source_type":"MISC","tags":[]},{"url":"https://vuldb.com/?id.113805","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2022-06-17T04:45:33Z","label":"CVE published","source":null},{"type":"ssvc_changed","at":"2026-06-24T00:31:12.162116Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-24T00:31:12.162116Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-24T00:31:12.162116Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"cvss_changed","at":"2026-06-24T00:31:12.162116Z","label":"CVSS score revised","source":"vulnrichment"},{"type":"cvss_changed","at":"2026-06-24T00:31:12.162116Z","label":"CVSS score revised","source":"vulnrichment"},{"type":"cvss_changed","at":"2026-06-24T00:31:12.162116Z","label":"CVSS score revised","source":"vulnrichment"}]}