Browse all 4 CVE security advisories affecting powsybl. AI-powered Chinese analysis, POCs, and references for each vulnerability.
PowSyBl is an open-source software suite for modeling and simulating power system grids, widely used by utilities and grid operators. Historically, it has been susceptible to remote code execution and cross-site scripting vulnerabilities due to improper input validation and insecure deserialization. The project maintains a moderate security posture with four CVEs recorded, primarily focusing on RCE flaws in its REST API components. While no major public incidents have been documented, the codebase's complexity and network-facing interfaces present persistent risks. Regular security updates and input sanitization remain critical for maintaining secure deployments in critical infrastructure environments.
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-48059 | PowSyBl Core Contains a Polynomial ReDoS in RegexCriterion | powsybl-core | CWE-1333 | 7.5 (AI) | High (AI) | 2025-06-20 |
| CVE-2025-48058 | PowSyBl Core contains Polynomial REDoS’es | powsybl-core | CWE-1333 | 7.5 (AI) | High (AI) | 2025-06-20 |
| CVE-2025-47771 | PowSyBl Core allows deserialization of untrusted SparseMatrix data | powsybl-core | CWE-502 | 8.8 (AI) | High (AI) | 2025-06-19 |
| CVE-2025-47293 | PowSyBl Core XML Reader allows XXE and SSRF | powsybl-core | CWE-611 | 6.5 (AI) | Medium (AI) | 2025-06-19 |
This page lists every published CVE security advisory associated with powsybl. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.