{"schema_version": "1.6.1", "id": "CVE-2025-62235", "summary": "Incorrect handling of SMP Security Request could lead to undesirable pairing", "details": "Authentication Bypass by Spoofing vulnerability in Apache NimBLE.\n\nReceiving specially crafted Security Request could lead to removal of original bond and re-bond with impostor.\nThis issue affects Apache NimBLE: through 1.8.0.\n\nUsers are recommended to upgrade to version 1.9.0, which fixes the issue.", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "0"}, {"last_affected": "0"}]}]}], "references": [{"type": "WEB", "url": "https://github.com/apache/mynewt-nimble/commit/41f67e391e788c5feef9030026cc5cbc5431838a"}, {"type": "WEB", "url": "https://lists.apache.org/thread/rw2mrpfwb9d9wmq4h4b6ctcd6gpkk2ho"}]}