CVE-2026-25509 | ci4-cms-erp ci4ms prior 0.28.5.0 Password Reset response discrepancy (GHSA-654x-9q7r-g966)

Inserito da Angelo Barbosa | Feb 4, 2026 | CVE

A vulnerability was found in ci4-cms-erp ci4ms and classified as problematic. Affected is an unknown function of the component Password Reset Handler. Such manipulation leads to observable response discrepancy.

This vulnerability is uniquely identified as CVE-2026-25509. The attack can be launched remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2026-25509 | ci4-cms-erp ci4ms prior 0.28.5.0 Password Reset response discrepancy (GHSA-654x-9q7r-g966)

Post correlati

CVE-2024-31265 | SumoMe Sumo Plugin up to 1.34 on WordPress cross-site request forgery

CVE-2024-3895 | WP Datepicker Plugin up to 2.1.0 on WordPress Options Update authorization

CVE-2024-34693 | Apache Superset up to 3.1.2/4.0.0 MariaDB Connection information disclosure

CVE-2024-21363 | Microsoft unknown vulnerability