Home > Vulnerability Database > CVE-2025-62169

Mend.io Vulnerability Database

CVE-2025-62169

Good to know:

Date: October 23, 2025

OctoPrint-SpoolManager is a plugin for managing spools and all their usage metadata. In versions 1.8.0a2 and older of the testing branch and versions 1.7.7 and older of the stable branch, the APIs of the OctoPrint-SpoolManager plugin do not correctly enforce authentication or authorization checks. This issue has been patched in versions 1.8.0a3 of the testing branch and 1.7.8 of the stable branch. The impact of this vulnerability is greatly reduced when using OctoPrint version 1.11.2 and newer.

Severity Score

8.1

Related Resources (6)

Url: https://github.com/WildRikku/OctoPrint-SpoolManager/releases/tag/1.7.8

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-62169

Url: https://github.com/WildRikku/OctoPrint-SpoolManager/security/advisories/GHSA-2rrc-f24f-94f6

Url: https://github.com/WildRikku/OctoPrint-SpoolManager/commit/b725e113316e177ce81238a2dbbbdb63d92c40b0

Url: https://github.com/WildRikku/OctoPrint-SpoolManager/releases/tag/1.8.0a3

Url: https://www.mend.io/vulnerability-database/CVE-2025-62169

Severity Score

8.1

Weakness Type (CWE)

Improper Authentication

CWE-287

Top Fix

Upgrade Version

Upgrade to version https://github.com/WildRikku/OctoPrint-SpoolManager.git - 1.7.8

Learn More

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-62169

Good to know:

Date: October 23, 2025

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?