CVE-2025-64997 - Insufficient permission validation when showing agent information
CVE ID : CVE-2025-64997
Published : Dec. 18, 2025, 9:11 a.m. | 1 hour, 2 minutes ago
Description : Insufficient permission validation in Checkmk versions prior to 2.4.0p17 and 2.3.0p42 allow low-privileged users to view agent information via the REST API, which could lead to information disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-64997
Published : Dec. 18, 2025, 9:11 a.m. | 1 hour, 2 minutes ago
Description : Insufficient permission validation in Checkmk versions prior to 2.4.0p17 and 2.3.0p42 allow low-privileged users to view agent information via the REST API, which could lead to information disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-14874 - Nodemailer: nodemailer: denial of service via crafted email address header
CVE ID : CVE-2025-14874
Published : Dec. 18, 2025, 9:15 a.m. | 58 minutes ago
Description : A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the address parser.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-14874
Published : Dec. 18, 2025, 9:15 a.m. | 58 minutes ago
Description : A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the address parser.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13641 - Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery <= 3.59.12 - Authenticated (Contributor+) Local File Inclusion via 'template'
CVE ID : CVE-2025-13641
Published : Dec. 18, 2025, 9:21 a.m. | 52 minutes ago
Description : The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.59.12 via the 'template' shortcode parameter. This is due to insufficient path validation that allows absolute paths to be provided. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary PHP files on the server, bypassing web server restrictions like .htaccess. Successful exploitation could lead to information disclosure, code execution in the WordPress context, and potential remote code execution if combined with arbitrary file upload capabilities.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13641
Published : Dec. 18, 2025, 9:21 a.m. | 52 minutes ago
Description : The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.59.12 via the 'template' shortcode parameter. This is due to insufficient path validation that allows absolute paths to be provided. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary PHP files on the server, bypassing web server restrictions like .htaccess. Successful exploitation could lead to information disclosure, code execution in the WordPress context, and potential remote code execution if combined with arbitrary file upload capabilities.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13730 - OpenID Connect Generic Client <= 3.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE ID : CVE-2025-13730
Published : Dec. 18, 2025, 9:21 a.m. | 52 minutes ago
Description : The OpenID Connect Generic Client plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'openid_connect_generic_auth_url' shortcode in all versions up to, and including, 3.10.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13730
Published : Dec. 18, 2025, 9:21 a.m. | 52 minutes ago
Description : The OpenID Connect Generic Client plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'openid_connect_generic_auth_url' shortcode in all versions up to, and including, 3.10.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-14364 - Demo Importer Plus <= 2.0.8 - Missing Authorization to Authenticated (Subscriber+) Site Reset and Privilege Escalation
CVE ID : CVE-2025-14364
Published : Dec. 18, 2025, 9:21 a.m. | 52 minutes ago
Description : The Demo Importer Plus plugin for WordPress is vulnerable to unauthorized modification of data, loss of data, and privilege escalation due to a missing capability check on the Ajax::handle_request() function in all versions up to, and including, 2.0.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to trigger a full site reset, dropping all database tables except users/usermeta and re-running wp_install(), which also assigns the Administrator role to the attacking subscriber account.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-14364
Published : Dec. 18, 2025, 9:21 a.m. | 52 minutes ago
Description : The Demo Importer Plus plugin for WordPress is vulnerable to unauthorized modification of data, loss of data, and privilege escalation due to a missing capability check on the Ajax::handle_request() function in all versions up to, and including, 2.0.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to trigger a full site reset, dropping all database tables except users/usermeta and re-running wp_install(), which also assigns the Administrator role to the attacking subscriber account.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-40602 - SonicWall SMA1000 Missing Authorization Vulnerability - [Actively Exploited]
CVE ID : CVE-2025-40602
Published : Dec. 18, 2025, 11:15 a.m. | 3 hours ago
Description : A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40602
Published : Dec. 18, 2025, 11:15 a.m. | 3 hours ago
Description : A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-10910 - Gaining remote control over Govee devices
CVE ID : CVE-2025-10910
Published : Dec. 18, 2025, 12:16 p.m. | 1 hour, 59 minutes ago
Description : A flaw in the binding process of Govee’s cloud platform and devices allows a remote attacker to bind an existing, online Govee device to the attacker’s account, resulting in full control of the device and removal of the device from its legitimate owner’s account. The server‑side API allows device association using a set of identifiers: "device", "sku", "type", and a client‑computed "value", that are not cryptographically bound to a secret originating from the device itself. The vulnerability has been verified for the Govee H6056 - lamp device in firmware version 1.08.13, but may affect also other Govee cloud‑connected devices. The vendor is not able to provide a list of affected products, but rolls out a firmware and server-side fixes. Devices that reached end‑of‑life for security support need replacement with newer models supporting updates.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-10910
Published : Dec. 18, 2025, 12:16 p.m. | 1 hour, 59 minutes ago
Description : A flaw in the binding process of Govee’s cloud platform and devices allows a remote attacker to bind an existing, online Govee device to the attacker’s account, resulting in full control of the device and removal of the device from its legitimate owner’s account. The server‑side API allows device association using a set of identifiers: "device", "sku", "type", and a client‑computed "value", that are not cryptographically bound to a secret originating from the device itself. The vulnerability has been verified for the Govee H6056 - lamp device in firmware version 1.08.13, but may affect also other Govee cloud‑connected devices. The vendor is not able to provide a list of affected products, but rolls out a firmware and server-side fixes. Devices that reached end‑of‑life for security support need replacement with newer models supporting updates.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-40891 - HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0
CVE ID : CVE-2025-40891
Published : Dec. 18, 2025, 1:14 p.m. | 1 hour, 1 minute ago
Description : A Stored HTML Injection vulnerability was discovered in the Time Machine Snapshot Diff functionality due to improper validation of network traffic data. An unauthenticated attacker can send specially crafted network packets at two different times to inject HTML tags into asset attributes across two snapshots. Exploitation requires a victim to use the Time Machine Snapshot Diff feature on those specific snapshots and perform specific GUI actions, at which point the injected HTML renders in their browser, enabling phishing and open redirect attacks. Full XSS exploitation is prevented by input validation and Content Security Policy. Attack complexity is high due to multiple required conditions.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40891
Published : Dec. 18, 2025, 1:14 p.m. | 1 hour, 1 minute ago
Description : A Stored HTML Injection vulnerability was discovered in the Time Machine Snapshot Diff functionality due to improper validation of network traffic data. An unauthenticated attacker can send specially crafted network packets at two different times to inject HTML tags into asset attributes across two snapshots. Exploitation requires a victim to use the Time Machine Snapshot Diff feature on those specific snapshots and perform specific GUI actions, at which point the injected HTML renders in their browser, enabling phishing and open redirect attacks. Full XSS exploitation is prevented by input validation and Content Security Policy. Attack complexity is high due to multiple required conditions.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13110 - HUSKY – Products Filter Professional for WooCommerce <= 1.3.7.3 - Authenticated (Subscriber+) Insecure Direct Object Reference via 'woof_add_subscr'
CVE ID : CVE-2025-13110
Published : Dec. 18, 2025, 1:15 p.m. | 1 hour ago
Description : The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.7.3 via the "woof_add_subscr" function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber level access and above, to create product messenger subscriptions on behalf of arbitrary users, including administrators.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13110
Published : Dec. 18, 2025, 1:15 p.m. | 1 hour ago
Description : The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.7.3 via the "woof_add_subscr" function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber level access and above, to create product messenger subscriptions on behalf of arbitrary users, including administrators.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-14277 - Prime Slider – Addons for Elementor <= 4.0.9 - Authenticated (Subscriber+) Server-Side Request Forgery
CVE ID : CVE-2025-14277
Published : Dec. 18, 2025, 1:15 p.m. | 1 hour ago
Description : The Prime Slider – Addons for Elementor plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.9 via the import_elementor_template AJAX action. This makes it possible for authenticated attackers, with subscriber level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-14277
Published : Dec. 18, 2025, 1:15 p.m. | 1 hour ago
Description : The Prime Slider – Addons for Elementor plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.9 via the import_elementor_template AJAX action. This makes it possible for authenticated attackers, with subscriber level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-14437 - Hummingbird <= 3.18.0 - Unauthenticated Sensitive Information Exposure via Log File
CVE ID : CVE-2025-14437
Published : Dec. 18, 2025, 1:15 p.m. | 1 hour ago
Description : The Hummingbird Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.18.0 via the 'request' function. This makes it possible for unauthenticated attackers to extract sensitive data including Cloudflare API credentials.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-14437
Published : Dec. 18, 2025, 1:15 p.m. | 1 hour ago
Description : The Hummingbird Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.18.0 via the 'request' function. This makes it possible for unauthenticated attackers to extract sensitive data including Cloudflare API credentials.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-14618 - Sweet Energy Efficiency <= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Graph Deletion
CVE ID : CVE-2025-14618
Published : Dec. 18, 2025, 1:15 p.m. | 1 hour ago
Description : The Sweet Energy Efficiency plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'sweet_energy_efficiency_action' AJAX handler in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers, with subscriber level access and above, to read, modify, and delete arbitrary graphs.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-14618
Published : Dec. 18, 2025, 1:15 p.m. | 1 hour ago
Description : The Sweet Energy Efficiency plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'sweet_energy_efficiency_action' AJAX handler in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers, with subscriber level access and above, to read, modify, and delete arbitrary graphs.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-40892 - Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0
CVE ID : CVE-2025-40892
Published : Dec. 18, 2025, 1:16 p.m. | 59 minutes ago
Description : A Stored Cross-Site Scripting vulnerability was discovered in the Reports functionality due to improper validation of an input parameter. An authenticated user with report privileges can define a malicious report containing a JavaScript payload, or a victim can be socially engineered to import a malicious report template. When the victim views or imports the report, the XSS executes in their browser context, allowing the attacker to perform unauthorized actions as the victim, such as modify application data, disrupt application availability, and access limited sensitive information.
Severity: 8.9 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40892
Published : Dec. 18, 2025, 1:16 p.m. | 59 minutes ago
Description : A Stored Cross-Site Scripting vulnerability was discovered in the Reports functionality due to improper validation of an input parameter. An authenticated user with report privileges can define a malicious report containing a JavaScript payload, or a victim can be socially engineered to import a malicious report template. When the victim views or imports the report, the XSS executes in their browser context, allowing the attacker to perform unauthorized actions as the victim, such as modify application data, disrupt application availability, and access limited sensitive information.
Severity: 8.9 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-40893 - HTML injection in Asset List in Guardian/CMC before 25.5.0
CVE ID : CVE-2025-40893
Published : Dec. 18, 2025, 1:17 p.m. | 58 minutes ago
Description : A Stored HTML Injection vulnerability was discovered in the Asset List functionality due to improper validation of network traffic data. An unauthenticated attacker can send specially crafted network packets to inject HTML tags into asset attributes. When a victim views the affected assets in the Asset List (and similar functions), the injected HTML renders in their browser, enabling phishing and possibly open redirect attacks. Full XSS exploitation and direct information disclosure are prevented by the existing input validation and Content Security Policy configuration.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40893
Published : Dec. 18, 2025, 1:17 p.m. | 58 minutes ago
Description : A Stored HTML Injection vulnerability was discovered in the Asset List functionality due to improper validation of network traffic data. An unauthenticated attacker can send specially crafted network packets to inject HTML tags into asset attributes. When a victim views the affected assets in the Asset List (and similar functions), the injected HTML renders in their browser, enabling phishing and possibly open redirect attacks. Full XSS exploitation and direct information disclosure are prevented by the existing input validation and Content Security Policy configuration.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-40898 - Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0
CVE ID : CVE-2025-40898
Published : Dec. 18, 2025, 1:19 p.m. | 56 minutes ago
Description : A path traversal vulnerability was discovered in the Import Arc data archive functionality due to insufficient validation of the input file. An authenticated user with limited privileges, by uploading a specifically-crafted Arc data archive, can potentially write arbitrary files in arbitrary paths, altering the device configuration and/or affecting its availability.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40898
Published : Dec. 18, 2025, 1:19 p.m. | 56 minutes ago
Description : A path traversal vulnerability was discovered in the Import Arc data archive functionality due to insufficient validation of the input file. An authenticated user with limited privileges, by uploading a specifically-crafted Arc data archive, can potentially write arbitrary files in arbitrary paths, altering the device configuration and/or affecting its availability.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-65000 - Exposure of SSH Private Keys in Remote Alert Handlers (Linux) Rule
CVE ID : CVE-2025-65000
Published : Dec. 18, 2025, 2:04 p.m. | 11 minutes ago
Description : SSH private keys of the "Remote alert handlers (Linux)" rule were exposed in the rule page's HTML source in Checkmk <= 2.4.0p18 and all versions of Checkmk 2.3.0. This potentially allowed unauthorized triggering of predefined alert handlers on hosts where the handler was deployed.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-65000
Published : Dec. 18, 2025, 2:04 p.m. | 11 minutes ago
Description : SSH private keys of the "Remote alert handlers (Linux)" rule were exposed in the rule page's HTML source in Checkmk <= 2.4.0p18 and all versions of Checkmk 2.3.0. This potentially allowed unauthorized triggering of predefined alert handlers on hosts where the handler was deployed.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-14878 - Tenda WH450 HTTP Request wirelessRestart stack-based overflow
CVE ID : CVE-2025-14878
Published : Dec. 18, 2025, 4:15 p.m. | 2 hours, 2 minutes ago
Description : A security flaw has been discovered in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/wirelessRestart of the component HTTP Request Handler. The manipulation of the argument GO results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
Severity: 10.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-14878
Published : Dec. 18, 2025, 4:15 p.m. | 2 hours, 2 minutes ago
Description : A security flaw has been discovered in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/wirelessRestart of the component HTTP Request Handler. The manipulation of the argument GO results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
Severity: 10.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-63386 - Dify CORS Misconfiguration Vulnerability
CVE ID : CVE-2025-63386
Published : Dec. 18, 2025, 4:15 p.m. | 2 hours, 2 minutes ago
Description : A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in the /console/api/setup endpoint. The endpoint implements an insecure CORS policy that reflects any Origin header and enables Access-Control-Allow-Credentials: true, permitting arbitrary external domains to make authenticated requests.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-63386
Published : Dec. 18, 2025, 4:15 p.m. | 2 hours, 2 minutes ago
Description : A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in the /console/api/setup endpoint. The endpoint implements an insecure CORS policy that reflects any Origin header and enables Access-Control-Allow-Credentials: true, permitting arbitrary external domains to make authenticated requests.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-63388 - Dify CORS Misconfiguration Vulnerability
CVE ID : CVE-2025-63388
Published : Dec. 18, 2025, 4:15 p.m. | 2 hours, 2 minutes ago
Description : A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in the /console/api/system-features endpoint. The endpoint implements an overly permissive CORS policy that reflects arbitrary Origin headers and sets Access-Control-Allow-Credentials: true, allowing any external domain to make authenticated cross-origin requests.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-63388
Published : Dec. 18, 2025, 4:15 p.m. | 2 hours, 2 minutes ago
Description : A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in the /console/api/system-features endpoint. The endpoint implements an overly permissive CORS policy that reflects arbitrary Origin headers and sets Access-Control-Allow-Credentials: true, allowing any external domain to make authenticated cross-origin requests.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-63389 - Ollama Platform Authentication Bypass
CVE ID : CVE-2025-63389
Published : Dec. 18, 2025, 4:15 p.m. | 2 hours, 2 minutes ago
Description : A critical authentication bypass vulnerability exists in Ollama platform's API endpoints in versions prior to and including v0.12.3. The platform exposes multiple API endpoints without requiring authentication, enabling remote attackers to perform unauthorized model management operations.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-63389
Published : Dec. 18, 2025, 4:15 p.m. | 2 hours, 2 minutes ago
Description : A critical authentication bypass vulnerability exists in Ollama platform's API endpoints in versions prior to and including v0.12.3. The platform exposes multiple API endpoints without requiring authentication, enabling remote attackers to perform unauthorized model management operations.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-63390 - AnythingLLM Authentication Bypass
CVE ID : CVE-2025-63390
Published : Dec. 18, 2025, 4:15 p.m. | 2 hours, 2 minutes ago
Description : An authentication bypass vulnerability exists in AnythingLLM v1.8.5 in via the /api/workspaces endpoint. The endpoint fails to implement proper authentication checks, allowing unauthenticated remote attackers to enumerate and retrieve detailed information about all configured workspaces. Exposed data includes: workspace identifiers (id, name, slug), AI model configurations (chatProvider, chatModel, agentProvider), system prompts (openAiPrompt), operational parameters (temperature, history length, similarity thresholds), vector search settings, chat modes, and timestamps.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-63390
Published : Dec. 18, 2025, 4:15 p.m. | 2 hours, 2 minutes ago
Description : An authentication bypass vulnerability exists in AnythingLLM v1.8.5 in via the /api/workspaces endpoint. The endpoint fails to implement proper authentication checks, allowing unauthenticated remote attackers to enumerate and retrieve detailed information about all configured workspaces. Exposed data includes: workspace identifiers (id, name, slug), AI model configurations (chatProvider, chatModel, agentProvider), system prompts (openAiPrompt), operational parameters (temperature, history length, similarity thresholds), vector search settings, chat modes, and timestamps.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...