CVE-2025-37164

A remote code execution issue exists in HPE OneView.

Basic Information

CVE State: PUBLISHED
Reserved Date: April 16, 2025
Published Date: December 16, 2025
Last Updated: February 26, 2026
Vendor: Hewlett Packard Enterprise (HPE)
Product: HPE OneView
Description: A remote code execution issue exists in HPE OneView.
Tags

CVSS Scores

CVSS v3.1

10.0 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2026-06-01 10:48:30 UTC) Source

References

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04985en_us&docLocale=en_US

Known Exploited Vulnerability Information

Source	Added Date
CVE	2026-06-01 10:48:30 UTC

Scanner Integrations

Scanner	URL	Date Detected
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-37164.yaml	2026-06-01 15:34:41 UTC

Timeline

CVE ID Reserved

April 16, 2025
CVE Published to Public

December 16, 2025
Added to KEVIntel

June 01, 2026
Detected by Nuclei

June 01, 2026