yaml
Security Risk Profile
Security Risk Score: 43/100 (medium)
Comprehensive risk assessment based on 4 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
Data spans from September 26, 2022 to present
Total CVEs: 4
Critical+High: 2
Exploited: 0
Unpatched: 1
Threat Assessment
Avg CVSS (base severity): 6.7
Avg EPSS (exploit probability): 0%
Unpatched (Critical/High): 1
Risk Level: 43/100 (medium)
Severity Distribution
Critical: 1
High: 1
Medium: 2
Low: 0
Exploit Likelihood
>50% chance: 0
20-50%: 0
5-20%: 0
<5%: 0
Common Weaknesses (CWE)
1. Buffer Overflow: 1
Most Affected Products
1. YAML LibYAML: 2
2. YAML YAML::Syck: 1
3. Perl Perl: 1
4. Toddr Yaml\: 1
5. Ingydotnet Yaml-libyaml Perl: 1
Recent Vulnerabilities

CVE-2025-11683 (CVSS 6.5, medium), 10/16/2025
YAML::Syck versions before 1.36 for Perl have missing Null-Terminators which causes Out-of-Bounds Read and potential Information Disclosure

REDHAT-BUG-2369630 (CVSS 7.0, high), 6/1/2025, No Patch

CVE-2025-40908 (CVSS 9.1, critical), 6/1/2025
YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified

REDHAT-BUG-2129709 (CVSS 4.0, medium), 9/26/2022, No Patch