PatchSiren

Plesk CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Plesk CVE published 2026-01-08

CVE-2025-65518

CVE-2025-65518 is a high-severity Denial of Service (DoS) vulnerability affecting Plesk Obsidian versions 8.0.1 through 18.0.73. The vulnerability exists in the get_password.php endpoint, where a crafted request containing a malicious payload can cause the affected web interface to continuously reload, rendering the service unavailable to legitimate users. An attacker can exploit this issue remotely witho [truncated]