Is octoprint affected by CVE-2025-48879?

PyPI octoprint is affected in <1.11.2.

Is CVE-2025-48879 being exploited?

Not on the CISA KEV list. EPSS exploit probability is 0.2%.

medium

CVE-2025-48879

Q: Is CVE-2025-48879 being exploited?

Not on the CISA KEV list. EPSS exploit probability is 0.2%.

PyPI · octoprint

Summary

OctoPrint Vulnerable to Denial of Service through malformed HTTP request in OctoPrint

Severity: medium
EPSS: 0.2% (p13)
Also known as: GHSA-9wj4-8h85-pgrw
Published: 2025-06-10

References

https://github.com/OctoPrint/OctoPrint/security/advisories/GHSA-9wj4-8h85-pgrw
https://nvd.nist.gov/vuln/detail/CVE-2025-48879
https://github.com/OctoPrint/OctoPrint/commit/c9c35c17bd820f19c6b12e6c0359fc0cfdd0c1ec

Related advisories

CVE-2025-58180 — high · PyPI/octoprint
CVE-2026-23892 — medium · PyPI/octoprint
CVE-2025-64187 — medium · PyPI/octoprint
CVE-2025-48067 — medium · PyPI/octoprint
CVE-2025-32788 — medium · PyPI/octoprint

Is your project exposed to this? Stateward checks every dependency on every pull request and flags it only if your code actually reaches it.

Check my repo

Summarize with AI

ChatGPT Claude Perplexity

Sources: CISA KEV (public domain), OSV.dev & GitHub Advisory Database (CC-BY-4.0), FIRST EPSS, NVD/CWE (public domain). Served live from the Stateward advisory database.