Vulnerability Details CVE-2026-25809
PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the code evaluation endpoint does not validate the assessment lifecycle state before allowing execution. There is no check to ensure that the assessment has started, is not expired, or the submission window is currently open.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.0%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2026-25809
-
cpe:2.3:a:prasklatechnology:placipy:1.0.0