CVE-2025-22592
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2025-22592 is a critical vulnerability affecting the Lenderd 1003 Mortgage Application. The issue involves missing authorization checks, enabling unauthorized access to functionality that is not properly constrained by Access Control Lists (ACLs). This flaw allows unauthorized users to gain excessive privileges, potentially leading to sensitive data exposure or system manipulation. The vulnerability affects all versions of the 1003 Mortgage Application from n/a through 1.87. Organizations using this application should apply the available patch as soon as possible to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.