CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-54598

The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.0%

CVSS Severity

CVSS v3 Score 6.5

References

https://bevy.com/b/events-and-groups
https://gist.github.com/deep1chil/057b63e62d4db6158a3ee28995fc246f
https://github.com/actuator/cve/blob/main/Kuwfi/CVE-2025-43985.txt

Products affected by CVE-2025-54598

Bevy » Bevy » Version: Any

cpe:2.3:a:bevy:bevy:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-54598

Products

Pricing

Contact Us