HTCondor, formerly known as Condor, is an open-source high-throughput computing software framework for coarse-grained distributed computing. It is designed to leverage idle computing resources in a network and to manage a large amount of computationally intensive jobs. The HTCondor system can be used to manage a dedicated cluster of computers, or to harness surplus time on a distributed network where each computer has its own set of users.

HTCondor

Echo is a secure, minimal Linux OS built vulnerability-free. It is fully compatible across environments and continuously patched - making it a clean, dependable base layer for modern applications. Echo is used by organizations focused on security and reliability, including those with compliance or FIPS requirements.

Echo

HTCondor Access Point before 25.3.1 allows an authenticated user to impersonate other users on the local machine by submitting a batch job. This is fixed in 24.12.14, 25.0.3, and 25.3.1. The earliest affected version is 24.7.3.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2022-26110	HIGH	8.8	HTCondor	condor	No	Yes	Apr 06, 2022
CVE-2025-30093	HIGH	8.1	HTCondor	condor-debugsource	No	Yes	Mar 27, 2025
CVE-2021-45103	HIGH	8.1	HTCondor	cpe:2.3:a:wisc:htcondor	No	Yes	Apr 06, 2022
CVE-2021-45104	HIGH	7.4	HTCondor	cpe:2.3:a:wisc:htcondor	No	Yes	Apr 06, 2022
CVE-2025-66433	MEDIUM	4.2	HTCondor	condor	No	Yes	Nov 30, 2025

CVE-2025-66433:
HTCondor vulnerability analysis and mitigation

4.2

Related HTCondor vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2025-66433: HTCondor vulnerability analysis and mitigation