Vulnerabilities > CVE-2025-0509

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

A security issue was found in Sparkle before version 2.64. An attacker can replace an existing signed update with another payload, bypassing Sparkle’s (Ed)DSA signing checks.