CVE-2025-62349 – Salt Master authentication protocol downgrade may enable minion impersonation

CVE ID : CVE-2025-62349

Published : Jan. 30, 2026, 7:16 p.m. | 1 hour, 55 minutes ago

Description : Salt contains an authentication protocol version downgrade weakness that can allow a malicious minion to bypass newer authentication/security features by using an older request payload format, enabling minion impersonation and circumventing protections introduced in response to prior issues.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…