CRITICAL

CVE-2025-12543

Published: January 7, 2026 · Updated: March 13, 2026

CVSS v3.1 base score: 9.6

Official Description

A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests. As a result, requests containing malformed or malicious Host headers are processed instead of being rejected, enabling attackers to poison caches, perform internal network scans, or hijack user sessions.

Source: NVD
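The description above locates the flaw in a missing Host header check. The following strict validator is an added Python example, not Undertow's code and not the vendor fix; it shows what properly validating the header amounts to in practice: exactly one Host field, a value that matches the `uri-host [ ":" port ]` grammar from RFC 7230 section 5.4, and a host that appears on the deployment's allowlist, with everything else rejected before it can reach a cache key, a generated absolute URL, a redirect, or an outbound request. The allowlist, the permitted ports, and the sample headers are constructed for the example.

```python
import ipaddress
import re
from typing import List, Optional, Tuple

# Constructed configuration for this example: the canonical hostnames and
# ports this deployment is willing to answer for. Anything else is refused.
ALLOWED_HOSTS = {"app.example.test", "www.app.example.test"}
ALLOWED_PORTS = {443, 8443}
DEFAULT_PORTS = {"http": 80, "https": 443}

# DNS-style reg-name: 1..253 chars, labels of [a-z0-9-] that neither start
# nor end with a hyphen, no empty labels (no leading, trailing or double dots).
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
_HOSTNAME_RE = re.compile(rf"^(?=.{{1,253}}$){_LABEL}(?:\.{_LABEL})*$")


def parse_host(raw: Optional[str]) -> Optional[Tuple[str, Optional[int]]]:
    """Parse a Host field value as exactly `uri-host [ ":" port ]` and return
    (lowercased host, port or None). Returns None for anything else: control
    characters, whitespace, userinfo/path/query delimiters, percent-encoding,
    an empty port, or a port outside 1..65535."""
    if raw is None or raw == "" or raw != raw.strip():
        return None
    if any(c in raw for c in "\r\n\t @/\\#?%"):
        return None
    if raw.startswith("["):
        # IP-literal: must be a well-formed IPv6 address inside brackets
        end = raw.find("]")
        if end == -1:
            return None
        try:
            host = "[" + str(ipaddress.IPv6Address(raw[1:end])) + "]"
        except ValueError:
            return None
        rest = raw[end + 1:]
    else:
        name, sep, port_text = raw.partition(":")
        host = name.lower()
        if not _HOSTNAME_RE.match(host):
            return None
        rest = sep + port_text
    port: Optional[int] = None
    if rest:
        digits = rest[1:]
        if (not rest.startswith(":") or not digits.isascii()
                or not digits.isdigit() or len(digits) > 5):
            return None
        port = int(digits)
        if not 1 <= port <= 65535:
            return None
    return host, port


def effective_host(headers: List[Tuple[str, str]], scheme: str = "https") -> Optional[str]:
    """Return the canonical authority ("host" or "host:port") a request may be
    served under, or None when the request must be rejected (HTTP 400) rather
    than processed. Refusing up front is what keeps an attacker-chosen Host
    out of cache keys, absolute URLs, redirects and server-side fetches."""
    values = [v for k, v in headers if k.lower() == "host"]
    if len(values) != 1:  # absent or duplicated Host is ambiguous: refuse
        return None
    parsed = parse_host(values[0])
    if parsed is None:
        return None
    host, port = parsed
    if host not in ALLOWED_HOSTS:
        return None
    if port is not None and port not in ALLOWED_PORTS:
        return None
    if port is None or port == DEFAULT_PORTS[scheme]:
        return host
    return f"{host}:{port}"


if __name__ == "__main__":
    # Constructed sample requests: the first is legitimate, the others are
    # duplicated, userinfo-spoofed, or carry an injected header line.
    samples = [
        [("Host", "APP.example.test:443")],
        [("Host", "app.example.test"), ("Host", "evil.test")],
        [("Host", "app.example.test@evil.test")],
        [("Host", "app.example.test\r\nX-Injected: 1")],
    ]
    for hdrs in samples:
        print(hdrs, "->", effective_host(hdrs))
```

The validator is deliberately stricter than the RFC in two places: an empty port (`host:`) and a trailing dot (`example.test.`) are both refused, because accepting either gives two spellings of the same origin and that is exactly what cache-key and allowlist comparisons should never have to reason about. The canonical value it returns, not the raw header, is what the application should use wherever it would otherwise echo the Host.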

Technical Analysis

CVE-2025-12543 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

Affected Vendors & Products

Mentioned vendors (from description): Java
CPE data not yet available in NVD for this CVE.

Exploit & PoC Resources

No known exploit: no public exploit confirmed at this time.

Quick Facts

CVE ID: CVE-2025-12543
CVSS Score: 9.6 / 10
Severity: CRITICAL
CISA KEV: No
Published: Jan 7, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2025-12543 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts

Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.