CVE-2025-65742 · HIGH 8.2 · EPSS p16.7%

Description

An unauthenticated Broken Function Level Authorization (BFLA) vulnerability in Newgen OmniDocs v11.0 allows attackers to obtain sensitive information and execute a full account takeover via a crafted API request.

Scoring

CVSS 3.1: 8.2 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
EPSS: 0.26% probability of exploitation · percentile 16.7% · 2026-06-19T12:03:05Z
Published: 2025-12-15
Last modified: 2025-12-23

Underlying weaknesses · 1

CWE-862

References

  1. https://github.com/CBx216/CVE-2025-65742-Newgen-OmniDocs-LDAP-BFLA/blob/main/CVE-2025-65742.md
  2. https://newgensoft.com/

Type: Weakness
Target: Missing Authorization (cwe-862)
Confidence: 0%
Tier: live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2025-43698
  2. CVE-2025-41078
  3. CVE-2025-64655
  4. CVE-2026-10622
  5. CVE-2025-8853
  6. CVE-2026-25873

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.