Vulnerability DatabaseCVE-2025-66001

CVE-2025-66001:
Wolfi vulnerability analysis and mitigation

NeuVector supports login authentication through OpenID Connect. However, the TLS verification (which verifies the remote server's authenticity and integrity) for OpenID Connect is not enforced by default. As a result this may expose the system to man-in-the-middle (MITM) attacks.

Source: NVD

View vulnerable instances

Not a customer? See how Wiz maps CVEs like this one to real cloud attack paths.

Watch 12-min demo

8.8

Score

Published January 8, 2026

Severity HIGH

CNA Score 8.8

Affected Technologies

Wolfi
Chainguard

Has Public Exploit No

Has CISA KEV Exploit No

CISA KEV Release Date N/A

CISA KEV Due Date N/A

Exploitation Probability Percentile (EPSS) 21.9

Exploitation Probability (EPSS) 0.1

Affected packages and libraries

github.com/neuvector/neuvector
neuvector

Sources

NVD
Chainguard
- Chainguard No FixAdded at: Jan 11, 2026
GitHub Advisory Database
- GoLang Severity HIGHHas FixAdded at: Dec 14, 2025
Wolfi
- Wolfi No FixAdded at: Jan 11, 2026

Get a CVE risk assessment

Get a prioritized view of CVEs in your cloud—so you can focus on what's exploitable, not just what's listed.

Request assessment

Related Wolfi vulnerabilities:

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-22863	CRITICAL	9.2	Rust	deno	No	Yes	Jan 15, 2026
CVE-2026-22864	HIGH	8.1	Rust	deno	No	Yes	Jan 15, 2026
CVE-2026-1002	MEDIUM	6.9	Java	pki-resteasy-client	No	Yes	Jan 15, 2026
CVE-2026-22045	MEDIUM	5.9	Wolfi	traefik	No	Yes	Jan 15, 2026
CVE-2026-0915	N/A	N/A	Wolfi	glibc-langpack-ak	No	Yes	Jan 15, 2026