CVE-2025-65594HIGH 8.1EPSS p17.3%

CVE-2025-65594CVE-2025-65594

Description

OpenSIS 9.2 and below is vulnerable to Incorrect Access Control in Student.php, which allows an authenticated low-privilege user to perform unauthorized database write operations relating to the data of other users.

Scoring

CVSS 3.18.1 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS0.26% probability of exploitation · percentile 17.3% · 2026-06-18T12:00:27Z
Published2025-12-09
Last modified2025-12-11

Underlying weaknesses· 1

CWE-284

References

  1. http://opensis.com
  2. https://gitlab.com/tsuretettee/cve-2025-65594

1

TypeTargetConfidenceTier
WeaknessImproper Access Controlcwe-2840%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-26186
CVE
CVE-2025-22924
CVE
CVE-2025-22929
CVE
CVE-2025-15656
CVE
CVE-2025-13243
CVE
CVE-2025-60305
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.