Home > Vulnerability Database > CVE-2025-62784

Mend.io Vulnerability Database

CVE-2025-62784

Good to know:

Date: October 27, 2025

InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions before 1.6.5 contain a vulnerability where any plugin using a GUI with the GuiStorageElement and allows taking out items out of that element can allow item duplication when the experimental Bundle item feature is enabled on the server. The vulnerability is resolved in version 1.6.5.

Severity Score

5.3

Related Resources (5)

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-62784

Url: https://github.com/Phoenix616/InventoryGui/commit/690fc91d137c6cc04f6ed3a89449050964dd8cb9

Url: https://github.com/Phoenix616/InventoryGui/security/advisories/GHSA-7whh-79j3-7c55

Url: https://github.com/Phoenix616/InventoryGui

Url: https://www.mend.io/vulnerability-database/CVE-2025-62784

Severity Score

5.3

Weakness Type (CWE)

Improper Enforcement of a Single, Unique Action

CWE-837

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-62784

Good to know:

Date: October 27, 2025

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?