CVE-2025-34075
CVE-2025-34075 is a security vulnerability that is still awaiting full analysis and scoring.
Key facts
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2025-19756
- Published:
- Last modified:
Description
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Initially assigned to document an issues that allows guest VM to modify the host’s Vagrantfile via default synced folder, leading to host-side code execution. Rejected as CVE due to documented, intended behavior that does not violate a claimed security boundary. https://developer.hashicorp.com/vagrant/docs/synced-folders
Frequently asked questions
- What is CVE-2025-34075?
- Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Initially assigned to document an issues that allows guest VM to modify the host’s Vagrantfile via default synced folder, leading to host-side code execution. Rejected as CVE due to documented, intended behavior that does not violate a claimed security boundary. https://developer.hashicorp.com/vagrant/docs/synced-folders
- Is CVE-2025-34075 being actively exploited?
- It is not currently listed in CISA's Known Exploited Vulnerabilities catalog, and no EPSS exploit-prediction score is available yet.
- How do I fix CVE-2025-34075?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2025-34075 have an EU (EUVD) identifier?
- Yes. CVE-2025-34075 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2025-19756.
- When was CVE-2025-34075 published?
- CVE-2025-34075 was published on 2025-07-02 and last updated on 2025-07-16.