CVE-2025-65097
RomM (ROM Manager) prior to versions 4.4.1 and 4.4.1-beta.2 is affected by an IDOR-like issue where an authenticated user can delete other users’ collections by sending a DELETE request to the /collections endpoint without ownership verification. Exploitation details or in-the-wild status are not...