Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2026/02/12 1:4 a.m.13 views

CVE-2025-69871

A race condition vulnerability exists in MedusaJS Medusa v2.12.2 and earlier in the registerUsage function of the promotion module. The function performs a non-atomic read-check-update operation when enforcing promotion usage limits. This allows unauthenticated remote attackers to bypass usage...

8.1CVSS5.6AI score0.00351EPSS
Exploits1References1
osv
osv
added 2026/02/11 7:15 p.m.7 views

UBUNTU-CVE-2025-69871

A race condition vulnerability exists in MedusaJS Medusa v2.12.2 and earlier in the registerUsage function of the promotion module. The function performs a non-atomic read-check-update operation when enforcing promotion usage limits. This allows unauthenticated remote attackers to bypass usage...

8.1CVSS5.8AI score0.00351EPSS
Exploits1References5
ubuntucve
ubuntucve
added 2026/02/11 12:0 a.m.5 views

CVE-2025-69871

A race condition vulnerability exists in MedusaJS Medusa v2.12.2 and earlier in the registerUsage function of the promotion module. The function performs a non-atomic read-check-update operation when enforcing promotion usage limits. This allows unauthenticated remote attackers to bypass usage...

8.1CVSS5.9AI score0.00351EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2026/02/11 12:0 a.m.4 views

CVE-2025-69871

A race condition vulnerability exists in MedusaJS Medusa v2.12.2 and earlier in the registerUsage function of the promotion module. The function performs a non-atomic read-check-update operation when enforcing promotion usage limits. This allows unauthenticated remote attackers to bypass usage...

5.6AI score0.00351EPSS
Exploits1References3
cve
cve
added 2026/02/11 12:0 a.m.21 views

CVE-2025-69871

Summary: CVE-2025-69871 affects MedusaJS/Medusa v2.12.2 and earlier. The root cause is a race condition in the promotion module’s registerUsage() function, which performs a non-atomic read-check-update when enforcing usage limits. This can let unauthenticated remote attackers submit concurrent ch...

8.1CVSS5.6AI score0.00351EPSS
Exploits1References3
attackerkb
attackerkb
added 2026/02/11 12:0 a.m.4 views

CVE-2025-69871

A race condition vulnerability exists in MedusaJS Medusa v2.12.2 and earlier in the registerUsage function of the promotion module. The function performs a non-atomic read-check-update operation when enforcing promotion usage limits. This allows unauthenticated remote attackers to bypass usage...

5.6AI score0.00351EPSS
Exploits1References4
cvelist
cvelist
added 2026/02/11 12:0 a.m.25 views

CVE-2025-69871

A race condition vulnerability exists in MedusaJS Medusa v2.12.2 and earlier in the registerUsage function of the promotion module. The function performs a non-atomic read-check-update operation when enforcing promotion usage limits. This allows unauthenticated remote attackers to bypass usage...

0.00351EPSS
Exploits1References3
Rows per page
Query Builder