CVE-2025-66377 | Pexip Infinity up to 38.x Product-internal API missing authentication

Inserito da Angelo Barbosa | Dic 25, 2025 | CVE

A vulnerability categorized as critical has been discovered in Pexip Infinity up to 38.x. This impacts an unknown function of the component Product-internal API. Such manipulation leads to missing authentication.

This vulnerability is uniquely identified as CVE-2025-66377. The attack can only be initiated within the local network. No exploit exists.

It is advisable to upgrade the affected component.

CVE-2025-66377 | Pexip Infinity up to 38.x Product-internal API missing authentication

Post correlati

CVE-2025-22210 | HikaShop Component up to 5.1.4 on Joomla Category Management Area sql injection

CVE-2025-10988 | YunaiV ruoyi-vue-pro up to 2025.09 /crm/business/transfer improper authorization

CVE-2025-1675 | zephyrproject-rtos Zephyr up to 4.0 dns_pack.c dns_copy_qname lb_size out-of-bounds (GHSA-2m84-5hfw-m8v4)

CVE-2025-37862 | Linux Kernel up to 6.14.2 HID pidff_find_fields null pointer dereference