CVE-2025-21618

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 6, 2025

CWE ID 287

Summary

CVE-2025-21618 is a vulnerability affecting NiceGUI, a Python-based UI framework. Before version 2.9.1, the framework failed to respect incognito mode settings in web browsers, leading to unintended user authentication. This issue could potentially expose user data or compromise accounts in affected browsers. The vulnerability is now resolved in NiceGUI version 2.9.1.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2O95z_
https://www.cve.org/CVERecord?id=CVE-2025-21618
https://nvd.nist.gov/vuln/detail/CVE-2025-21618

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners

CVE-2025-21618

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations