CVE-2025-14750

High CVSS: 8.7

The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. A low-privileged user can modify the parameters and potentially manipulate account-level privileges.

Vendor

Product

CWE

CWE-472

Yayın Tarihi

2026-01-22 22:16:14

Güncelleme

2026-01-26 15:04:14

Source Identifier

ics-cert@hq.dhs.gov

KEV Date Added

Kategoriler

CWE-472 HIGH 2026

Referanslar

https://www.cisa.gov/news-events/ics-advisories/icsa-26-022-05