CVE-2025-23214 Cosmos userbase checking vulnerability

Cosmos provides users the ability self-host a home server by acting as a secure gateway to your application, as well as a server manager. By monitoring the error code returned in the login, it is possible to figure out whether a user exist or not in the database. Patched in 0.17.7...

Cosmos 安全漏洞

Cosmos is a method of self-hosting home servers by the individual developer Yann Stepienik. Designed to address the growing concern of vulnerable self-hosted applications and personal servers. A security vulnerability exists in versions of Cosmos prior to 0.17.7. An attacker exploiting the...

PT-2025-4853 · Unknown · Cosmos-Server

Name of the Vulnerable Software and Affected Versions: Cosmos-Server versions prior to 0.17.7 Description: The Cosmos-Server software has a user enumeration issue due to the error code returned during login, allowing an attacker to determine if a user exists in the database by monitoring the erro...

Authorization

Improper authorization in the Circles app 0.17.7 causes retaining access when an email address was removed from a circle...