
CVE-2025-59163: CWE-350: Reliance on Reverse DNS Resolution for a Security-Critical Action in safedep vet

Low
Tags: Vulnerability, CVE-2025-59163, cve, cve-2025-59163, cwe-350
Published: Mon Sep 29 2025 (09/29/2025, 21:51:31 UTC)
Source: CVE Database V5
Vendor/Project: safedep
Product: vet

Description

vet is an open source software supply chain security tool. Versions 1.12.4 and below are vulnerable to a DNS rebinding attack due to lack of HTTP Host and Origin header validation. Data from the vet scan sqlite3 database may be exposed to remote attackers when vet is used as an MCP server in SSE mode with default ports through the sqlite3 query MCP tool. This issue is fixed in version 1.12.5.

AI-Powered Analysis

Last updated: 09/30/2025, 00:11:28 UTC

Technical Analysis

CVE-2025-59163 is a vulnerability in 'vet', the open-source software supply chain security tool developed by safedep. Versions prior to 1.12.5 are affected. The vulnerability arises from the server's failure to validate the HTTP Host and Origin headers of incoming requests, which leaves it open to DNS rebinding: an attacker who controls a domain can point it at their own server to deliver a page and then rebind it to a loopback address, so that the victim's browser sends follow-up requests to the local vet server under the attacker's origin, sidestepping the same-origin policy. Specifically, when vet is deployed as an MCP (Model Context Protocol) server in Server-Sent Events (SSE) mode on its default ports, the sqlite3 database in which vet stores scan results becomes reachable by such requests, and the attacker can read its contents through the sqlite3 query MCP tool. The issue is classified under CWE-350 (reliance on reverse DNS resolution for a security-critical action), a weakness class covering security decisions based on DNS-derived identity, which DNS spoofing or rebinding can subvert. The CVSS 4.0 score is 2.1 (low severity), reflecting the required user interaction, high attack complexity, and limited confidentiality impact. No exploitation in the wild has been reported. The issue is fixed in vet 1.12.5, presumably by adding validation of the HTTP Host and Origin headers, which closes the DNS rebinding vector.

Potential Impact

For European organizations running safedep vet versions below 1.12.5, this vulnerability could expose sensitive scan data stored in the sqlite3 database. Because vet is a supply chain security tool, that data may describe software dependencies, known vulnerabilities, and overall security posture; if leaked, it could help an attacker craft targeted attacks or supply chain compromises. The impact is on confidentiality only, with no direct integrity or availability effects reported, although leaked security data could indirectly enable further attacks. The low CVSS score indicates that exploitation is non-trivial and requires user interaction, which limits widespread impact. Nonetheless, organizations running vet in MCP SSE mode on the default ports are at risk, especially where the vet server is reachable from untrusted networks. Given the growing focus on software supply chain security in Europe, any data leakage in this area is a concern. The vulnerability does not appear to allow remote code execution or system takeover, but the confidentiality breach could undermine trust in supply chain security processes.

Mitigation Recommendations

European organizations should upgrade safedep vet to version 1.12.5 or later without delay. Where an immediate upgrade is not feasible, restrict network access to the vet MCP server, in particular blocking untrusted external access to the default SSE ports, and use network segmentation and firewall rules to limit communication with the vet server to trusted internal hosts. Audit deployment configurations to confirm that HTTP Host and Origin headers are validated, or place the server behind a reverse proxy that enforces strict header validation and so blocks DNS rebinding. Monitoring for unusual DNS queries or unexpected connections to the vet server can help detect exploitation attempts. Finally, review the file permissions and access controls on the sqlite3 database to reduce the risk of unauthorized data exposure.
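The header validation that the analysis and the mitigation section describe, written as an added example in Go (vet's own language) rather than code from the vet project: a small middleware that rejects requests whose Host or Origin header does not name the local server, which is exactly what a rebound request from an attacker-controlled domain fails. The loopback allowlist and the handler names are this example's own assumptions, not vet's.

```go
package main

import (
	"net"
	"net/http"
	"net/url"
	"strings"
)

// Constructed allowlist of names a locally bound MCP SSE server may legitimately
// be reached by. A rebound request carries the attacker's domain in Host instead.
var allowedHostnames = map[string]bool{
	"localhost": true,
	"127.0.0.1": true,
	"::1":       true,
}

// hostnameOf strips an optional port and IPv6 brackets from a Host header or
// URL host ("[::1]:8080" -> "::1", "localhost:8080" -> "localhost").
func hostnameOf(hostport string) string {
	h, _, err := net.SplitHostPort(hostport)
	if err != nil { // no port present: use the raw value minus any brackets
		h = strings.Trim(hostport, "[]")
	}
	return strings.ToLower(h)
}

// hostAllowed is the check whose absence enables DNS rebinding.
func hostAllowed(host string) bool {
	return host != "" && allowedHostnames[hostnameOf(host)]
}

// originAllowed accepts a missing Origin (non-browser clients such as an MCP
// host process send none) and otherwise requires a loopback origin.
func originAllowed(origin string) bool {
	if origin == "" {
		return true
	}
	u, err := url.Parse(origin)
	if err != nil || u.Scheme == "" || u.Host == "" {
		return false
	}
	return allowedHostnames[hostnameOf(u.Host)]
}

// rebindingGuard wraps the SSE/MCP handler and refuses mismatched requests
// before they reach any tool, including a database query tool.
func rebindingGuard(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !hostAllowed(r.Host) || !originAllowed(r.Header.Get("Origin")) {
			http.Error(w, "forbidden: unexpected Host or Origin", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}
```

Binding the listener to 127.0.0.1 rather than all interfaces complements this check but does not replace it, since rebinding reaches loopback through the victim's browser.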


Technical Details

Data Version
5.1
Assigner Short Name
GitHub_M
Date Reserved
2025-09-09T15:23:16.328Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 68db1fa7a473ffe031e278bb

Added to database: 9/30/2025, 12:09:11 AM

Last enriched: 9/30/2025, 12:11:28 AM

Last updated: 10/3/2025, 12:10:35 AM

