CVE-2025-68402

FreshRSS is a free, self-hostable RSS aggregator. From 57e1a37 - 00f2f04, the lengths of the nonce was changed from 40 chars to 64. password_verify() is currently being called with a constructed string (SHA-256 nonce + part of a bcrypt hash) instead of the raw user password. Due to bcrypt’s 72-byte input truncation, this causes password verification to succeed even when the user enters an incorrect password. This vulnerability is fixed in 1.27.2-dev (476e57b). The issue was only present in the edge branch and never in a stable release.

CVSS

No CVSS.

References

Link	Resource
https://github.com/FreshRSS/FreshRSS/commit/476e57b04646416e24e24c56133c9fadf9e52b95
https://github.com/FreshRSS/FreshRSS/pull/8061
https://github.com/FreshRSS/FreshRSS/pull/8320
https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-pcq9-mq6m-mvmp

Configurations

No configuration.

History

11 Mar 2026, 13:53

Type	Values Removed	Values Added
Summary		(es) FreshRSS es un agregador RSS gratuito y autoalojable. Desde 57e1a37 - 00f2f04, la longitud del nonce se cambió de 40 caracteres a 64. password_verify() se está llamando actualmente con una cadena construida (nonce SHA-256 + parte de un hash bcrypt) en lugar de la contraseña de usuario sin procesar. Debido a la truncación de entrada de 72 bytes de bcrypt, esto provoca que la verificación de la contraseña tenga éxito incluso cuando el usuario introduce una contraseña incorrecta. Esta vulnerabilidad está corregida en 1.27.2-dev (476e57b). El problema solo estuvo presente en la rama 'edge' y nunca en una versión estable.

09 Mar 2026, 20:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-09 20:16

Updated : 2026-03-11 13:53

NVD link : CVE-2025-68402

Mitre link : CVE-2025-68402

CVE.ORG link : CVE-2025-68402

JSON object : View

Products Affected

No product.

CWE

CWE-287

Improper Authentication

{"id": "CVE-2025-68402", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.2, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-03-09T20:16:01.963", "references": [{"url": "https://github.com/FreshRSS/FreshRSS/commit/476e57b04646416e24e24c56133c9fadf9e52b95", "source": "security-advisories@github.com"}, {"url": "https://github.com/FreshRSS/FreshRSS/pull/8061", "source": "security-advisories@github.com"}, {"url": "https://github.com/FreshRSS/FreshRSS/pull/8320", "source": "security-advisories@github.com"}, {"url": "https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-pcq9-mq6m-mvmp", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "FreshRSS is a free, self-hostable RSS aggregator. From 57e1a37 - 00f2f04, the lengths of the nonce was changed from 40 chars to 64. password_verify() is currently being called with a constructed string (SHA-256 nonce + part of a bcrypt hash) instead of the raw user password. Due to bcrypt\u2019s 72-byte input truncation, this causes password verification to succeed even when the user enters an incorrect password. This vulnerability is fixed in 1.27.2-dev (476e57b). The issue was only present in the edge branch and never in a stable release."}, {"lang": "es", "value": "FreshRSS es un agregador RSS gratuito y autoalojable. Desde 57e1a37 - 00f2f04, la longitud del nonce se cambi\u00f3 de 40 caracteres a 64. password_verify() se est\u00e1 llamando actualmente con una cadena construida (nonce SHA-256 + parte de un hash bcrypt) en lugar de la contrase\u00f1a de usuario sin procesar. Debido a la truncaci\u00f3n de entrada de 72 bytes de bcrypt, esto provoca que la verificaci\u00f3n de la contrase\u00f1a tenga \u00e9xito incluso cuando el usuario introduce una contrase\u00f1a incorrecta. Esta vulnerabilidad est\u00e1 corregida en 1.27.2-dev (476e57b). El problema solo estuvo presente en la rama 'edge' y nunca en una versi\u00f3n estable."}], "lastModified": "2026-03-11T13:53:47.157", "sourceIdentifier": "security-advisories@github.com"}