CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-65827

The mobile application is configured to allow clear text traffic to all domains and communicates with an API server over HTTP. As a result, an adversary located "upstream" can intercept the traffic, inspect its contents, and modify the requests in transit. TThis may result in a total compromise of the user's account if the attacker intercepts a request with active authentication tokens or cracks the MD5 hash sent on login.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.7%

CVSS Severity

CVSS v3 Score 9.1

References

https://gist.github.com/dead1nfluence/4dffc239b4a460f41a03345fd8e5feb5#file-clear-text-traffic-enabled-md
https://github.com/dead1nfluence/Meatmeet-Pro-Vulnerabilities/blob/main/Mobile-Application/Clear-Text-Traffic-Enabled.md

Products affected by CVE-2025-65827

Meatmeet » Meatmeet » Version: 1.1.2.0

cpe:2.3:a:meatmeet:meatmeet:1.1.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-65827

Products

Pricing

Contact Us