{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2019-25572", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-21T12:40:32.843Z", "datePublished": "2026-03-21T12:47:11.466Z", "dateUpdated": "2026-03-23T15:38:06.456Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-21T12:47:11.466Z"}, "title": "NordVPN 6.19.6 Denial of Service via Email Field Buffer Overflow", "descriptions": [{"lang": "en", "value": "NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a buffer of 100,000 characters into the email field during login to trigger an application crash."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Handling of Overlap Between Protected Memory Ranges", "cweId": "CWE-1260", "type": "CWE"}]}], "affected": [{"vendor": "Nordvpn", "product": "NordVPN", "versions": [{"version": "6.19.6", "status": "affected"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:nordvpn:nordvpn:6.19.6:*:*:*:*:*:*:*"}, {"vulnerable": true, "criteria": "cpe:2.3:a:nordvpn:nordvpn:3.3.10:*:*:*:*:macos:*:*"}, {"vulnerable": true, "criteria": "cpe:2.3:a:nordvpn:nordvpn:6.12.7.0:*:*:*:*:windows:*:*"}, {"vulnerable": true, "criteria": "cpe:2.3:a:nordvpn:nordvpn:6.14.28.0:*:*:*:*:*:*:*"}]}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 6.9, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/46343", "name": "ExploitDB-46343", "tags": ["exploit"]}, {"url": "https://nordvpn.com/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://downloads.nordcdn.com/apps/windows/10/NordVPN/latest/NordVPNSetup.exe", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: NordVPN 6.19.6 Denial of Service via Email Field Buffer Overflow", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/nordvpn-denial-of-service-via-email-field-buffer-overflow"}], "credits": [{"lang": "en", "value": "Alejandra S\u00e1nchez", "type": "finder"}], "x_generator": {"engine": "vulncheck"}, "datePublic": "2019-02-11T00:00:00.000Z"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-23T15:37:57.295161Z", "id": "CVE-2019-25572", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T15:38:06.456Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-25572", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-23T15:37:57.295161Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T15:38:01.912Z"}}], "cna": {"title": "NordVPN 6.19.6 Denial of Service via Email Field Buffer Overflow", "credits": [{"lang": "en", "type": "finder", "value": "Alejandra S\u00e1nchez"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Nordvpn", "product": "NordVPN", "versions": [{"status": "affected", "version": "6.19.6"}]}], "datePublic": "2019-02-11T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/46343", "name": "ExploitDB-46343", "tags": ["exploit"]}, {"url": "https://nordvpn.com/", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "https://downloads.nordcdn.com/apps/windows/10/NordVPN/latest/NordVPNSetup.exe", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/nordvpn-denial-of-service-via-email-field-buffer-overflow", "name": "VulnCheck Advisory: NordVPN 6.19.6 Denial of Service via Email Field Buffer Overflow", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a buffer of 100,000 characters into the email field during login to trigger an application crash."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1260", "description": "Improper Handling of Overlap Between Protected Memory Ranges"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nordvpn:nordvpn:6.19.6:*:*:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:nordvpn:nordvpn:3.3.10:*:*:*:*:macos:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:nordvpn:nordvpn:6.12.7.0:*:*:*:*:windows:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:nordvpn:nordvpn:6.14.28.0:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-21T12:47:11.466Z"}}}, "cveMetadata": {"cveId": "CVE-2019-25572", "state": "PUBLISHED", "dateUpdated": "2026-03-23T15:38:06.456Z", "dateReserved": "2026-03-21T12:40:32.843Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-21T12:47:11.466Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nordvpn:nordvpn:*:*:*:*:*:windows:*:*", "matchCriteriaId": "C912F120-836D-4BC2-B181-D241D636412A", "versionEndIncluding": "6.19.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a buffer of 100,000 characters into the email field during login to trigger an application crash."}, {"lang": "es", "value": "NordVPN 6.19.6 contiene una vulnerabilidad de denegaci\u00f3n de servicio que permite a atacantes locales provocar un fallo en la aplicaci\u00f3n al enviar una cadena excesivamente larga en el campo de entrada de correo electr\u00f3nico. Los atacantes pueden pegar un b\u00fafer de 100.000 caracteres en el campo de correo electr\u00f3nico durante el inicio de sesi\u00f3n para provocar un fallo en la aplicaci\u00f3n."}], "id": "CVE-2019-25572", "lastModified": "2026-04-15T17:12:40.193", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "disclosure@vulncheck.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-21T13:16:21.200", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Broken Link"], "url": "https://downloads.nordcdn.com/apps/windows/10/NordVPN/latest/NordVPNSetup.exe"}, {"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "https://nordvpn.com/"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/46343"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/nordvpn-denial-of-service-via-email-field-buffer-overflow"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1260"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "6.19.6"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "NordVPN", "source": "cna", "vendor": "Nordvpn"}, "product": "nordvpn", "vendor": "nordvpn"}], "analysis": {"en": {"generated_at": "2026-03-21T14:50:44.494661+00:00", "value": {"mitigation_remediation": ["Update NordVPN to the latest version (6.19.7 or newer) as soon as it becomes available.", "If an update is unavailable, avoid using the login email field or terminate the application after troubleshooting to prevent repeated crashes.", "Keep the host operating system updated to mitigate related buffer\u2011overflow exploitation vectors.", "Check NordVPN\u2019s support channels for additional guidance and confirm that the issue is resolved in subsequent releases."], "summary": {"action": "Patch Update", "impact": "Denial of Service via local email field buffer overflow"}, "threat_synthesis": {"affected_systems": "The vulnerability specifically affects the Windows version 6.19.6 of the NordVPN client. Other product versions are listed in the CPE data, but the official description only identifies 6.19.6 as impacted.", "description_and_impact": "A local attacker can cause the NordVPN client to crash by entering an excessively long string\u2014over 100,000 characters\u2014into the email input field during the login process. The overflow triggers a buffer corruption that terminates the application, resulting in loss of availability without compromising data integrity or confidentiality.", "risk_and_exploitability": "The flaw has a CVSS score of 6.9, indicating moderate severity. No EPSS data is available, and the vulnerability is not listed in the CISA KEV catalog. Because the exploit requires local access and manual input of an oversized email string, the attack vector is local and non-remote. An attacker with local privileges can easily trigger the crash, leading to repeated service disruption. The risk is therefore moderate but notable for environments where NordVPN usability is essential."}}}}, "created": "2026-03-23T09:49:09.442369+00:00", "updated": "2026-03-25T14:47:11.814835+00:00", "vendors": ["nordvpn", "nordvpn$PRODUCT$nordvpn"]}