CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-58405

The CGM CLININET application does not implement any mechanisms that prevent clickjacking attacks, neither HTTP security headers nor HTML-based frame‑busting protections were detected. As a result, an attacker can embed the application inside a maliciously crafted IFRAME and trick users into performing unintended actions, including potentially bypassing CSRF/XSRF defenses.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.6%

CVSS Severity

CVSS v3 Score 6.1

References

https://cert.pl/en/posts/2026/03/CVE-2025-10350/
https://www.cgm.com/pol_pl/products/szpital/cgm-clininet.html

Products affected by CVE-2025-58405

Cgm » Clininet » Version: Any

cpe:2.3:a:cgm:clininet:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-58405

Products

Pricing

Contact Us