CVE-2025-65998 | Apache Syncope up to 2.1.14/3.0.14/4.0.2 hard-coded key

Inserito da Angelo Barbosa | Nov 24, 2025 | CVE

A vulnerability was found in Apache Syncope up to 2.1.14/3.0.14/4.0.2 and classified as problematic. The affected element is an unknown function. The manipulation results in use of hard-coded cryptographic key
.

This vulnerability is reported as CVE-2025-65998. The attack requires a local approach. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2025-65998 | Apache Syncope up to 2.1.14/3.0.14/4.0.2 hard-coded key

Post correlati

CVE-2024-12736 | BU Section Editing Plugin up to 0.9.9 on WordPress cross site scripting

CVE-2025-0131 | OPSWAT MetaDefender Endpoint Security SDK up to 4.3.4450 on Windows privileges assignment

CVE-2024-48420 | Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 /goform/getWifiBasic buffer overflow

CVE-2024-46241 | PHPGurukul Dairy Farm Shop Management System 1.1 add_product.php pname cross site scripting