CVE-2025-46556
MEDIUM severity · CVSS 6.5 · Resource exhaustion
6.5CVSS MEDIUM
Summary
Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.27.1 and below allow attackers to permanently corrupt issue activity logs by submitting extremely long notes (tested with 4,788,761 characters) due to a lack of server-side validation of note length. Once such a note is added, the activity stream UI fails to render; therefore, new notes cannot be displayed, effectively breaking all future collaboration on the issue. This issue is fixed in version 2.27.2.
Impact & exploitability
Attack vectorNetwork
Attack complexityLow
Privileges requiredLow
User interactionNone
Confidentiality impactNone
Integrity impactNone
Availability impactHigh
Exploit probability (EPSS)0%
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected products we track (1)
Recommendation
Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.
Official patch: https://github.com/mantisbt/mantisbt/commit/c99a41272532ba49b5c8dccb7797afead9864234 ↗
Additional information
- NVD record
- https://github.com/mantisbt/mantisbt/commit/c99a41272532ba49b5c8dccb7797afead9864234Patch
- https://github.com/mantisbt/mantisbt/commit/d5cec6bffb44d54bd412c186b9baa409b1aa4238Patch
- https://github.com/mantisbt/mantisbt/commit/e9119c68b4a0eaa0bbde3deb121e81f5f7157361Patch
- https://github.com/mantisbt/mantisbt/security/advisories/GHSA-r3jf-hm7q-qfw5Advisory