CVE Catalog

CVE-2025-65796

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.20%

10th percentile - higher than 10% of all known CVEs

Summary

In usememos memos version 0.25.2, an incorrect access control allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos.

Risk Assessment

The organization faces data integrity issues and potential disruption of social interactions, as an attacker can delete reactions without proper authorization.

Recommendation

Immediately update usememos memos to the latest patched version and review access control configurations.

Original NVD description (English source)

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS