CVE-2025-11661CRITICAL 9.8EPSS p42.2%

CVE-2025-11661CVE-2025-11661

Description

A vulnerability was found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown part. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been made public and could be used. This product adopts a rolling release strategy to maintain continuous delivery

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.56% probability of exploitation · percentile 42.2% · 2026-06-18T12:00:27Z
Published2025-10-13
Last modified2026-04-29

Underlying weaknesses· 2

CWE-287CWE-306

References

  1. https://github.com/qqy-123/cve/issues/6
  2. https://vuldb.com/?ctiid.328078
  3. https://vuldb.com/?id.328078
  4. https://vuldb.com/?submit.665611

2

TypeTargetConfidenceTier
WeaknessImproper Authenticationcwe-2870%live
WeaknessMissing Authentication for Critical Functioncwe-3060%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-11658
CVE
CVE-2025-11660
CVE
CVE-2025-11659
CVE
CVE-2025-11657
CVE
CVE-2025-11656
CVE
CVE-2026-47324
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.