CVE-2025-15224

CVE Details

Visit the official vulnerability details page for CVE-2025-15224 to learn more.

Initial Publication

01/08/2026

Last Update

01/20/2026

Third Party Dependency

curl

NIST CVE Summary

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent.

CVE Severity

3.1

Our Official Summary

Investigation is ongoing to determine how this vulnerability affects our products.

Status

Analyzed

Affected Products & Versions

Version	PaletteAI	PaletteAI VerteX
0.7.1	⚠️ Impacted	⚠️ Impacted
0.6.6	⚠️ Impacted	⚠️ Impacted
0.5.11	⚠️ Impacted	⚠️ Impacted

Revision History

No revisions available.

CVE Details​

Initial Publication​

Last Update​

Third Party Dependency​

NIST CVE Summary​

CVE Severity​

Our Official Summary​

Status​

Affected Products & Versions​

Revision History​