CVE-2025-67418

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-67418

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-67418.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-67418

Published

2025-12-22T20:15:45.303Z

Modified

2026-03-13T03:42:06.818102Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative control of the application.

References

Affected packages

Git / github.com/macwarrior/clipbucket-v5

Affected ranges

Type

GIT

Repo

https://github.com/macwarrior/clipbucket-v5

Events

Introduced

474978eb99ef1d01c894019f253f97b76eceb7e7

Last affected

c841e4b46b796ca1620bece73c5116613cbdc055

Database specific

{
    "versions": [
        {
            "introduced": "5.3"
        },
        {
            "last_affected": "5.5.2"
        }
    ]
}

Affected versions

5.*

5.3

5.3.1

5.4.0

5.4.1

5.5.0

5.5.1

5.5.2

5.5.2-#103

5.5.2-#106

5.5.2-#114

5.5.2-#117

5.5.2-#120

5.5.2-#123

5.5.2-#129

5.5.2-#133

5.5.2-#135

5.5.2-#138

5.5.2-#140

5.5.2-#147

5.5.2-#152

5.5.2-#162

5.5.2-#163

5.5.2-#164

5.5.2-#182

5.5.2-#187

5.5.2-#25

5.5.2-#38

5.5.2-#4

5.5.2-#45

5.5.2-#58

5.5.2-#69

5.5.2-#74

5.5.2-#82

5.5.2-#86

5.5.2-#90

5.5.2-#98

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-67418.json"