CVE-2025-5459
The CVE-2025-5459 entry affects Puppet Enterprise: versions 2018.1.8–2023.8.3 and 2025.3 are vulnerable due to a misused node group editing permission and a crafted class parameter that could allow commands to run with root privileges on the primary host. It has been fixed in Puppet Enterprise 20...