CVE-2025-54870

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/leakingmemory/vtun-ng/commit/8c63982b6c487c52db1d56ab94c266f0bc857140", "name": "https://github.com/leakingmemory/vtun-ng/commit/8c63982b6c487c52db1d56ab94c266f0bc857140", "tags": [], "refsource": ""}, {"url": "https://github.com/leakingmemory/vtun-ng/security/advisories/GHSA-m3jc-27c6-2wrf", "name": "https://github.com/leakingmemory/vtun-ng/security/advisories/GHSA-m3jc-27c6-2wrf", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "VTun-ng is a Virtual Tunnel over TCP/IP network. In versions 3.0.17 and below, failure to initialize encryption modules might cause reversion to plaintext due to insufficient error handling. The bug was first introduced in VTun-ng version 3.0.12. This is fixed in version 3.0.18. To workaround this issue, avoid blowfish-256."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-636"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-54870", "ASSIGNER": "security-advisories@github.com"}}, "impact": {}, "publishedDate": "2025-08-05T01:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-08-05T01:15Z"}