CVE Catalog
CVE-2025-68049
MediumCVSS 6.3Exploitation Probability (EPSS)
Low risk0.24%
15th percentile — higher than 15% of all known CVEs
Summary
Versions of bunny.net up to 2.3.6 contain a vulnerability in access control that may allow subscribers unauthorized access to resources.
Risk Assessment
Organizations may be exposed to unauthorized access to data, potentially leading to information leaks or breaches of user privacy.
Recommendation
It is recommended to upgrade to the latest version of bunny.net to mitigate this access control vulnerability.
Original NVD description (English source)
Subscriber Broken Access Control in bunny.net <= 2.3.6 versions.

