Home > Vulnerability Database > CVE-2025-61680

Mend.io Vulnerability Database

CVE-2025-61680

Good to know:

Date: October 3, 2025

Minecraft RCON Terminal is a VS Code extension that streamlines Minecraft server management. Versions 0.1.0 through 2.0.6 stores passwords using VS Code's configuration API which writes to settings.json in plaintext. This issue is fixed in version 2.1.0.

Severity Score

7.5

Related Resources (5)

Url: https://github.com/jaketcooper/Minecraft-rcon/releases/tag/2.1.0

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-61680

Url: https://github.com/jaketcooper/Minecraft-rcon/commit/31272b541482d095d1578855c2b571268eb9b877

Url: https://github.com/jaketcooper/Minecraft-rcon/security/advisories/GHSA-4m33-hxqw-7j77

Url: https://www.mend.io/vulnerability-database/CVE-2025-61680

Severity Score

7.5

Weakness Type (CWE)

Plaintext Storage of a Password

CWE-256

Top Fix

Upgrade Version

Upgrade to version https://github.com/jaketcooper/Minecraft-rcon.git - 2.1.0

Learn More

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-61680

Good to know:

Date: October 3, 2025

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?