CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-65797

Incorrect access control in the Identity Provider service of usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete registered identity providers, leading to an account takeover or Denial of Service (DoS).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 10.0%

CVSS Severity

CVSS v3 Score 6.5

References

http://memos.com
http://usememos.com
https://github.com/usememos/memos/pull/5217
https://herolab.usd.de/security-advisories/usd-2025-0057/

Products affected by CVE-2025-65797

Usememos » Memos » Version: 0.25.2

cpe:2.3:a:usememos:memos:0.25.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-65797

Products

Pricing

Contact Us