vulnerability in perforator project

 While working on perforator project, I identified a vulnerability [(CVE-2025-66406)](https://vulert.com/vuln-db/CVE-2025-66406) in Step CA’s SSHPOP provisioner. Due to an improper authorization check, an attacker with limited access could revoke SSH certificates without proper permissions, potentially disrupting secure access across systems using these certificates.

[CVE Link](https://vulert.com/vuln-db/CVE-2025-66406)
[CVE Report](https://vulert.com/vuln-scan/list/137bf2fc-2639-4f48-8ca2-5cca7864c7aa?sort_order=desc&sort_by=created_at)



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

vulnerability in perforator project #77

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

vulnerability in perforator project #77

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions