AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-27155: Pinecone is an experimental overlay routing protocol suite which is the foundation of the current P2P Matrix demos. The

mediumvulnerability

security

Source: NVD/CVE DatabaseMarch 4, 2025CVE-2025-27155

Summary

Pinecone is an experimental overlay routing protocol suite (a set of rules for how computers communicate across a peer-to-peer network) used in P2P Matrix demos. The Pinecone Simulator tool included in Pinecone up to commit ea4c337 has a stored cross-site scripting vulnerability (XSS, where attackers inject malicious code into a website that gets saved and runs when users view it), though the stored payloads are temporary and disappear when the simulator restarts.

Vulnerability Details

CVSS Score

6.1(medium)

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack SophisticationTrivial

Taxonomy References

CWE (Weakness Type)

CWE-79 CWE-80

CAPEC (Attack Pattern)

CAPEC-198 CAPEC-86

Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-27155

First tracked: February 15, 2026 at 08:48 PM

Classified by LLM (prompt v3) · confidence: 95%