CVE-2025-66909: n/a

Severity: High
Published: Fri Dec 19 2025 (12/19/2025, 00:00:00 UTC)
Source: CVE Database V5

Description

Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an image decompression bomb denial of service vulnerability. The ExtendedOpenCVImage class in ai/djl/opencv/ExtendedOpenCVImage.java loads images using OpenCV's imread() function without validating dimensions or pixel count before decompression. An attacker can upload a specially crafted compressed image file (e.g., PNG) that is small when compressed but expands to gigabytes of memory when loaded. This causes immediate memory exhaustion, OutOfMemoryError, and service crash. No authentication is required if the OCR service is publicly accessible. Multiple requests can completely deny service availability.

AI-Powered Analysis

Last updated: 12/19/2025, 14:54:50 UTC

Technical Analysis

CVE-2025-66909 identifies a denial of service vulnerability in the Turms AI-Serving module version 0.10.0-SNAPSHOT and earlier. The root cause lies in the ExtendedOpenCVImage class within the ai/djl/opencv package, which loads images using OpenCV's imread() function without performing any validation on the image's dimensions or pixel count prior to decompression. This lack of validation allows an attacker to craft a compressed image file, such as a PNG, that is deceptively small in compressed form but expands massively when decompressed, consuming gigabytes of memory. When such an image is processed, the system experiences immediate memory exhaustion, leading to an OutOfMemoryError and crashing the AI-serving service. Since the OCR service component is often publicly accessible and does not require authentication, attackers can exploit this vulnerability remotely without credentials. Multiple requests with decompression bombs can completely deny service availability, resulting in a denial of service (DoS) condition. The vulnerability does not currently have a CVSS score or known exploits in the wild, but the impact on service availability is significant. The absence of input validation and resource constraints in image processing pipelines is a common security weakness that this vulnerability exemplifies. Organizations relying on Turms AI-Serving or similar AI image processing frameworks should be aware of this risk and implement mitigations promptly.

Potential Impact

For European organizations, the primary impact of CVE-2025-66909 is the potential for denial of service attacks against AI-serving infrastructures that process images, particularly OCR services exposed to the internet. Such attacks can disrupt critical business operations relying on automated image analysis, including document processing, identity verification, and automated workflows. The memory exhaustion caused by decompression bombs can lead to service outages, degraded performance, and increased operational costs due to recovery efforts. Organizations in sectors such as finance, healthcare, government, and legal services that utilize AI-driven image processing are especially vulnerable to operational disruption. Additionally, repeated service crashes may erode user trust and violate service level agreements (SLAs). Since no authentication is required to exploit the vulnerability if the service is public, attackers can launch these attacks at scale with minimal effort. The lack of known exploits in the wild suggests the vulnerability is newly disclosed, but the ease of exploitation and high impact on availability make it a critical concern for European entities deploying affected versions.

Mitigation Recommendations

To mitigate CVE-2025-66909, organizations should implement strict input validation on all image files before decompression, including checks on image dimensions, pixel count, and file size limits. Employ resource usage limits such as memory caps and timeouts during image processing to prevent excessive resource consumption. If possible, update or patch the Turms AI-Serving module to a version that addresses this vulnerability once available. Restrict public access to the OCR and image processing services by enforcing authentication and network access controls, such as IP whitelisting or VPN access. Deploy web application firewalls (WAFs) or API gateways that can detect and block suspicious image payloads or unusually large decompression requests. Monitor system logs and resource usage metrics for signs of abnormal memory consumption or repeated crashes. Consider sandboxing image processing components to isolate failures and prevent cascading service outages. Finally, maintain an incident response plan to quickly recover from potential denial of service events.
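The dimension and pixel-count pre-check recommended above, as an added example that is not part of the advisory or of the Turms project: it reads width, height, bit depth and colour type from the PNG IHDR chunk and estimates the decoded size before any decompressor (such as imread()) is ever invoked. The limits, the helper names and the constructed header bytes are assumptions for illustration.

```python
import struct

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"
# Channels a decoder materialises per PNG colour type; palette images (type 3)
# are treated as RGBA because decoders expand them on load.
CHANNELS = {0: 1, 2: 3, 3: 4, 4: 2, 6: 4}


def png_decoded_size(data: bytes) -> tuple:
    """Return (width, height, estimated decoded bytes) from the IHDR chunk.

    Only the first 33 bytes of the file are inspected; nothing is decompressed,
    so a decompression bomb costs the same to reject as a valid image.
    """
    if len(data) < 33 or data[:8] != PNG_SIGNATURE:
        raise ValueError("not a PNG file")
    length, ctype = struct.unpack(">I4s", data[8:16])
    if ctype != b"IHDR" or length != 13:
        raise ValueError("first chunk is not a valid IHDR")
    width, height, bit_depth, color_type = struct.unpack(">IIBB", data[16:26])
    if width == 0 or height == 0 or color_type not in CHANNELS:
        raise ValueError("invalid IHDR fields")
    bytes_per_sample = 2 if bit_depth == 16 else 1
    decoded = width * height * CHANNELS[color_type] * bytes_per_sample
    return width, height, decoded


def is_safe_to_decode(data: bytes, max_pixels: int = 50_000_000,
                      max_bytes: int = 256 * 1024 * 1024) -> bool:
    """Gate to call before imread(): reject oversized or malformed headers.

    max_pixels/max_bytes are assumed limits; size them to the service's heap.
    """
    try:
        width, height, decoded = png_decoded_size(data)
    except ValueError:
        return False
    return width * height <= max_pixels and decoded <= max_bytes


def make_png_header(width: int, height: int, bit_depth: int = 8,
                    color_type: int = 6) -> bytes:
    """Constructed test input: signature plus IHDR only (CRC left as zeros)."""
    ihdr = struct.pack(">IIBBBBB", width, height, bit_depth, color_type, 0, 0, 0)
    return PNG_SIGNATURE + struct.pack(">I", 13) + b"IHDR" + ihdr + b"\x00" * 4
```

A header claiming 100,000 x 100,000 RGBA pixels would decode to about 40 GB, so it is rejected from its first 33 bytes without ever reaching the decoder.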


Technical Details

Data Version: 5.2
Assigner Short Name: mitre
Date Reserved: 2025-12-08T00:00:00.000Z
CVSS Version: null
State: PUBLISHED

Threat ID: 694563c4a90e3c9a153eb8fc

Added to database: 12/19/2025, 2:40:04 PM

Last enriched: 12/19/2025, 2:54:50 PM

Last updated: 12/20/2025, 9:08:48 AM

Views: 17
