What is GHSA-x9hx-hwff-3m7w?

GHSA-x9hx-hwff-3m7w is a security advisory published by GitHub Security Advisories with High severity. Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers...

Which CVE IDs does GHSA-x9hx-hwff-3m7w cover?

GHSA-x9hx-hwff-3m7w covers the following CVE IDs: CVE-2018-25368. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-x9hx-hwff-3m7w?

GHSA-x9hx-hwff-3m7w has a CVSS v3 base score of 7.5, published by GitHub Security Advisories.

GHSA-x9hx-hwff-3m7wHighCVSS 7.5

Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers...

Vendor

GitHub Security Advisories

Published

May 26, 2026

Last Modified

May 26, 2026

🔗 CVE IDs covered (1)

CVE-2018-25368 →

📋 Description

Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting an excessively long string in the password field. Attackers can paste a buffer of repeated characters into the password input field to trigger an application crash when attempting to authenticate.

🔗 References (5)

https://nvd.nist.gov/vuln/detail/CVE-2018-25368
https://nordvpn.com/download
https://www.exploit-db.com/exploits/45304
https://www.vulncheck.com/advisories/nord-vpn-denial-of-service-via-password-field
https://github.com/advisories/GHSA-x9hx-hwff-3m7w