CVERadar

CVE-2025-27607

Severity: High
SVRS: 44/100
CVSSv3: NA/10
EPSS: 0.00608/1

CVE-2025-27607 is a software-supply-chain (dependency hijack) vulnerability in the Python JSON Logger library (python-json-logger) that can lead to Remote Code Execution. Versions 3.2.0 and 3.2.1 declared a development dependency, msgspec-python313-pre, that was only pulled in on Python 3.13. After that package was deleted from PyPI its name became free for anyone to register, so a malicious third party who claimed it could have had arbitrary code run, with the privileges of the user running pip, on any system that installed the library's development extras on Python 3.13 while the name was unclaimed. The library's own code was not altered; the exposure existed entirely on the package index. Although some reports describe the issue as critical, the CVE carries no CVSSv3 score on this page (NA), and its SOCRadar Vulnerability Risk Score (SVRS) of 44 is below the "critical" threshold of 80, indicating a moderate level of real-world risk. Users should update to version 3.3.0 or later, which removes the dangling dependency, and should treat any environment that installed the development extras on Python 3.13 while the name was unclaimed as potentially compromised until verified. The case illustrates why every declared dependency name must be checked to resolve to a trusted publisher, and ideally pinned by hash, rather than assumed to exist.
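To make the failure mode above concrete, here is an added Python example (not code from python-json-logger, SOCRadar, or the GitHub advisory) that audits a dependency list for names that no longer resolve on the package index, and checks whether a locally installed python-json-logger falls in the affected 3.2.0 to 3.2.1 range. The index lookup is injected so the script runs offline against a constructed snapshot; the FAKE_INDEX contents, the DEV_DEPS list and its environment markers are constructed for illustration, modelled on the pattern the advisory describes rather than copied from the project's own packaging metadata.

```python
"""Dangling-dependency audit, added to illustrate the CVE-2025-27607 failure mode.
Not code from python-json-logger, SOCRadar or the GitHub advisory.

Every name a project declares as a dependency must resolve on the index to a
project you trust.  A name that resolves to nothing is claimable by anyone, and
whoever claims it gets code execution on the next `pip install` that pulls it in.
"""
import re
from importlib import metadata
from typing import Callable, Dict, List, Optional, Tuple

IndexLookup = Callable[[str], Optional[dict]]


def normalize(name: str) -> str:
    """PEP 503 normalisation, so 'Msgspec_Python313.pre' and
    'msgspec-python313-pre' compare equal exactly as the index treats them."""
    return re.sub(r"[-_.]+", "-", name).lower()


# Leading project name of a PEP 508 requirement string; extras, version
# specifiers and environment markers follow it and are ignored here.
_NAME = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")


def dep_name(spec: str) -> str:
    m = _NAME.match(spec)
    if not m:
        raise ValueError(f"unparseable requirement: {spec!r}")
    return normalize(m.group(1))


def find_unclaimed(deps: List[str], lookup: IndexLookup) -> List[str]:
    """Names whose index lookup returns None: deleted or never published.
    In production `lookup` would GET https://pypi.org/pypi/<name>/json and
    map a 404 to None; here it is injected so the example runs offline."""
    return [n for n in map(dep_name, deps) if lookup(n) is None]


def parse_version(v: str) -> Tuple[int, ...]:
    """Release segment only ('3.3.0rc1' -> (3, 3, 0)); enough for a range check."""
    m = re.match(r"\d+(?:\.\d+)*", v)
    if not m:
        raise ValueError(f"unrecognised version: {v!r}")
    return tuple(int(p) for p in m.group(0).split("."))


def is_affected_pjl(version: str) -> bool:
    """python-json-logger 3.2.0 and 3.2.1 carried the dangling dev dependency;
    3.3.0 removed it (per the advisory and news items on this page)."""
    return (3, 2, 0) <= parse_version(version) < (3, 3, 0)


def installed_version(dist: str) -> Optional[str]:
    """Version of an installed distribution, or None if it is not installed."""
    try:
        return metadata.version(dist)
    except metadata.PackageNotFoundError:
        return None


def pjl_status() -> str:
    """One-line verdict for the local environment."""
    v = installed_version("python-json-logger")
    if v is None:
        return "python-json-logger not installed"
    return f"python-json-logger {v}: {'AFFECTED' if is_affected_pjl(v) else 'ok'}"


# --- constructed fixtures (not real index data) ------------------------------
# Snapshot of the index after msgspec-python313-pre was deleted: the name is
# simply absent, which is precisely what makes it claimable.
FAKE_INDEX: Dict[str, dict] = {
    "python-json-logger": {"version": "3.2.1"},
    "msgspec": {"version": "0.18.6"},
    "pytest": {"version": "8.0.0"},
}


def fake_lookup(name: str) -> Optional[dict]:
    return FAKE_INDEX.get(normalize(name))


# Dev-extra list modelled on the pattern the advisory describes (the
# pre-release package only on Python 3.13).  Markers and pins are assumed.
DEV_DEPS = [
    "msgspec; python_version < '3.13'",
    "msgspec-python313-pre; python_version >= '3.13'",
    "pytest>=7",
]

if __name__ == "__main__":
    print("claimable names:", find_unclaimed(DEV_DEPS, fake_lookup))
    print(pjl_status())
```

Two caveats for real use. An existence check only catches names that are still unclaimed; a name an attacker has already re-registered resolves normally, so compare the listed maintainer and first-upload date against what you expect before trusting it. And a check like this is complementary to hash pinning: installing with `pip install --require-hashes -r requirements.txt` refuses any artifact whose hash is not already pinned, which stops a freshly registered package from installing at all.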

Published: 2025-03-07
Last updated: 2025-03-07

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

Python JSON Logger Vulnerability Enables Remote Code Execution – PoC Released (gbhackers.com, Divya, 2025-04-07)
A recent security disclosure has revealed a remote code execution (RCE) vulnerability, CVE-2025-27607, in the Python JSON Logger package, affecting versions between 3.2.0 and 3.2.1. This vulnerability arises from a missing dependency, "msgspec-python313-pre," which could be exploited by malicious actors if they published a package under the same name. Although the severity has been downgraded […]

Over 43 Million Python Installations Vulnerable to Dangerous Code Execution Flaw (gbhackers.com, Divya, 2025-03-10)
A significant vulnerability has been uncovered in the Python JSON Logger package (python-json-logger), affecting versions 3.2.0 and 3.2.1. This flaw, CVE-2025-27607, allows for remote code execution (RCE) due to misusing a missing dependency known as msgspec-python313-pre. The issue gained widespread attention due to a recent experiment demonstrating how malicious actors could exploit this vulnerability by claiming […]

CVE-2025-27607 | nhairs python-json-logger up to 3.2.x inclusion of functionality from untrusted control sphere (vuldb.com, 2025-03-07)
A vulnerability was found in nhairs python-json-logger up to 3.2.x. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to inclusion of functionality from untrusted control sphere. This vulnerability was named CVE-2025-27607. The attack can be initiated remotely. There is no exploit

Social Media

🚨 RCE Vulnerability in python-json-logger CVE-2025-27607 A missing dependency msgspec-python313-pre left the door open for remote code execution via supply chain hijack. ⚠️ Versions 3.2.0–3.2.1 affected ✅ Patch released in 3.3.0 💥 43M downloads/month = HUGE blast radius https://t.co/fofyC6qJXF

A remote code execution vulnerability (CVE-2025-27607) has been found in Python JSON Logger (3.2.0-3.2.1) due to a missing development dependency. Supply chain security risks remain crucial. ⚠️ #PythonLogger #OpenSource #USA link: https://t.co/QToBeoWESZ https://t.co/gsg9CIB2Zu

Do you smell that? 🍃🌷 It's a fresh recap in vsociety! Captain Nahuel gathered quite the bouquet of scripts, from removing a user from the sudo group to a detection/remediation combo for CVE-2025-27607, a malicious Python package. Catch all the latest in scripting land with https://t.co/VcvUZcvVZz

🚨 Attention users of the popular Python package python-json-logger! Versions 3.2.0 and 3.2.1 faced a supply chain attack from Dec 30, 2024, to March 4, 2025. According to CVE-2025-27607, a key dependency, msgspec-python313-pre, was removed from PyPI, leaving it vulnerable to a

😈🎩 Villain of the Week 🎩😈 CVE-2025-27607 is causing mayhem in the Python JSON Logger package. This flaw allows attackers to execute arbitrary code on systems where the vulnerable package, msgspec-python313-pre, is installed as part of the development dependencies 📝 https://t.co/hHgPAVXAp1

@gridinsoft Thanks for sharing guys. It's me behind the finding [CVE-2025-27607]

@bGVnaW9u @fofabot Python's logging library, hit by CVE-2025-27607, is widely used across frameworks and tools: - Django: Core logging for web apps, debugging, and error tracking. - Flask: Lightweight web framework, leans on it for request logging. - Celery: Task queue system, logs task

@bGVnaW9u @fofabot Industries most likely tied to the Python logging vuln (CVE-2025-27607): IT services and cybersecurity companies are directly hit—they rely on Python for tools and scripts, so they're prime targets for RCE exploits. Government and education sectors are indirectly at risk; they

CVE-2025-27607: Popular Python Woodcutting Library is Vulnerable to Remote Code Execution https://t.co/YL78jYPYbn

🚨CVE Alert: Python Logging Library Remote Code Execution Vulnerability🚨 Vulnerability Details: CVE-2025-27607 (CVSS v3 8.8/10) Python Logging Library Remote Code Execution Vulnerability Impact A Successful exploit could allow attackers to execute arbitrary code on systems https://t.co/gD7cbl3iW1

Affected Software

No affected software found for this CVE

References

https://github.com/nhairs/python-json-logger/security/advisories/GHSA-wmxh-pxcx-9w24 (GitHub security advisory)
https://github.com/nhairs/python-json-logger/commit/2548e3a2e3cedf6bef3ee7c60c55b7c02d1af11a (commit referenced by the advisory)
https://github.com/nhairs/python-json-logger/commit/e7761e56edb980cfab0165e32469d5fd017a5d72 (commit referenced by the advisory)

CWE Details

CWE ID: CWE-829
CWE Name: Inclusion of Functionality from Untrusted Control Sphere
Description: The software imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.
