Skip to main content
CVE-2025-6919 CRITICAL Act Now

SQL injection in Cats Information Technology's Aykome License Tracking System (versions prior to the 06.10.2025 build) allows remote unauthenticated attackers to manipulate backend database queries via crafted input. The flaw carries a critical 9.8 CVSS score with full confidentiality, integrity, and availability impact, though EPSS rates near-term exploitation probability at only 0.04% and no public exploit identified at time of analysis. The vulnerability was disclosed by Turkey's national CERT (USOM) under advisory TR-25-0332.

SQLi
NVD VulDB
CVSS 3.1
9.8
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy