CVE-2025-66033 is a medium-severity vulnerability with a CVSS score of 5.3. There are currently no known exploits, and patches are available.
Very low probability of exploitation
EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.
In the Okta Java SDK, specific multithreaded implementations may encounter memory issues as threads are not properly cleaned up after requests are completed. Over time, this can degrade performance and availability in long-running applications and may result in a denial-of-service condition under sustained load.
You may be affected by this vulnerability if you meet the following preconditions:
Upgrade Okta/okta-sdk-java to version 24.0.1 or greater.
Okta would like to thank Andrew Pikler (pyckle) for their discovery and responsible disclosure.
| Vendor | Product |
|---|---|
| Okta | Java Management SDK |