CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

Cvelist•added 2025/12/19 12:0 a.m.•22 views

CVE-2025-66911

Turms IM Server v0.10.0-SNAPSHOT and earlier contains a broken access control vulnerability in the user online status query functionality. The handleQueryUserOnlineStatusesRequest method in UserServiceController.java allows any authenticated user to query the online status, device information, an...

0.0004EPSS

Exploits1References3

CVE•added 2025/12/19 12:0 a.m.•5 views

CVE-2025-66911

Turms IM Server prior to 0.10.0-SNAPSHOT is affected by a broken access control vulnerability in the user online status query function. The handleQueryUserOnlineStatusesRequest() in UserServiceController.java lets any authenticated user query the online status, device information, and login times...

6.5CVSS6.4AI score0.0004EPSS

Exploits1References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by