All 5 CVE vulnerabilities found in romm, with AI-generated Chinese analysis, references, and POCs.
Vendor: rommapp
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-65097 | Insecure Direct Object Reference (IDOR) Allows Unauthorized Deletion of User Collections CWE-284 | 6.5AI | MediumAI | 2025-12-03 |
| CVE-2025-65096 | RomM Insecure Direct Object Reference (IDOR) Allows Unauthorized Access to Private Collections CWE-284 | 6.5AI | MediumAI | 2025-12-03 |
| CVE-2025-65027 | RomM Chained XSS and CSRF Vulnerabilities Enable Admin Account Takeover CWE-79 | 7.6 | High | 2025-12-03 |
| CVE-2025-54071 | RomM's authenticated arbitrary file write vulnerability can lead to Remote Code Execution CWE-434 | 8.8 | - | 2025-07-21 |
| CVE-2025-53908 | RomM vulnerable to Authenticated Path Traversal CWE-26 | 6.5AI | MediumAI | 2025-07-16 |
All 5 known CVE vulnerabilities affecting romm with full Chinese analysis, references, and POCs where available.