CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-12925

A security flaw has been discovered in rymcu forest up to de53ce79db9faa2efc4e79ce1077a302c42a1224. Impacted is the function getAll/addDic/getAllDic/deleteDic of the file src/main/java/com/rymcu/forest/lucene/api/UserDicController.java. The manipulation results in missing authorization. The attack may be launched remotely. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.8%

CVSS Severity

CVSS v3 Score 7.3

CVSS v2 Score 7.5

References

https://github.com/rymcu/forest/issues/199
https://vuldb.com/?ctiid.331645
https://vuldb.com/?id.331645
https://vuldb.com/?submit.681080

Products affected by CVE-2025-12925

Rymcu » Forest » Version: 0.02

cpe:2.3:a:rymcu:forest:0.02

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-12925

Products

Pricing

Contact Us