CVE-2025-27110

CVE-2025-27110 is a high-severity vulnerability in Trustwave Modsecurity with a CVSS 3.x base score of 7.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-172.

Key facts

Description

Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying traditional ModSecurity processing. A bug that exists only in Libmodsecurity3 version 3.0.13 means that, in 3.0.13, Libmodsecurity3 can't decode encoded HTML entities if they contains leading zeroes. Version 3.0.14 contains a fix. No known workarounds are available.

Frequently asked questions

What is CVE-2025-27110?
Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying traditional ModSecurity processing. A bug that exists only in Libmodsecurity3 version 3.0.13 means that, in 3.0.13, Libmodsecurity3 can't decode encoded HTML entities if they contains leading zeroes. Version 3.0.14 contains a fix. No known workarounds are available.
How severe is CVE-2025-27110?
CVE-2025-27110 has a CVSS 3.x base score of 7.5, rated high severity. It is exploitable over network with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity high, and availability none.
Is CVE-2025-27110 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (37th percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2025-27110?
CVE-2025-27110 affects Trustwave Modsecurity. See the affected-products list for the exact vulnerable versions.
How do I fix CVE-2025-27110?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
Does CVE-2025-27110 have an EU (EUVD) identifier?
Yes. CVE-2025-27110 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2025-5324.
When was CVE-2025-27110 published?
CVE-2025-27110 was published on 2025-02-25 and last updated on 2026-06-17.

References

Affected products (1)

More vulnerabilities in Trustwave Modsecurity

All CVEs affecting Trustwave Modsecurity →

Other CWE-172 vulnerabilities

Browse all CWE-172 vulnerabilities →