CVE-2025-65185

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-65185

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-65185.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-65185

Published

2025-12-17T17:15:50.537Z

Modified

2026-03-13T03:41:09.569257Z

Severity

2.8 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

There is a username enumeration via local user login in Entrinsik Informer v5.10.1 which allows malicious users to enumerate users by entering an OTP code and new password then reviewing application responses.

References

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.10.1"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-65185.json"