CVE-2025-27000

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Feb 25, 2025

CWE ID 862

Summary

CVE-2025-27000 is a Missing Authorization vulnerability affecting the George Pattichis Simple Photo Feed application. The issue arises due to incorrectly configured access control security levels, enabling unauthorized access. This vulnerability can be exploited by malicious actors, potentially leading to data breaches or unintended modifications. The Simple Photo Feed software versions from n/a to 1.4.0 are affected by this issue. Users are advised to apply the necessary security patches as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3cvCbi
https://www.cve.org/CVERecord?id=CVE-2025-27000
https://nvd.nist.gov/vuln/detail/CVE-2025-27000

Back to Vulnerability Database

CVE-2025-27000

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations