CVE-2025-28104
The CVE-2025-28104 entry concerns FlaskBlog (laskBlog) v2.6.1 with an incorrect access control flaw that lets an attacker retrieve all usernames through a crafted input. Multiple connected sources (Red Hat, NVD, CVE lists, PT Security, CNNVD, OSV, CIRCL, and others) corroborate the issue, describ...