QwikSec

Security Database

CVE

CWE

Training

CVE-2025-62782

Published: Oct 27, 2025

Modified: Oct 28, 2025

PUBLISHED

Description

InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions 1.6.3-SNAPSHOT and earlier contain a vulnerability where GUIs using GuiStorageElement can allow item duplication when the experimental Bundle item feature is enabled on the server. The vulnerability is resolved in version 1.6.4-SNAPSHOT.

Vendor	Product	Versions
Phoenix616	InventoryGui	affected `< 1.6.4-SNAPSHOT`

Weaknesses (CWE)

References

https://github.com/Phoenix616/InventoryGui/security/advisories/GHSA-rgvh-4m82-fvjq

x_refsource_CONFIRM

https://github.com/Phoenix616/InventoryGui/issues/51

x_refsource_MISC

https://github.com/Phoenix616/InventoryGui/commit/00e684bd689ebc60bcb5b83ce4ef3c5a01778494

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.