Skip to main content

N A CVE-2025-66391

2026-06-17 mitre
Information Disclosure Citrix N A

Lifecycle Timeline

1
CVE Published
Jun 17, 2026 - 00:00 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write operations, e.g., the system will send a one-time password to an attacker-controlled email address when the attacker attempts to reset the password of a user account.

Analysis

In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write operations, e.g., the system will send a one-time password to an attacker-controlled email address when the attacker attempts to reset the password of a user account.

More from same product – last 7 days

CVE-2026-50871 CRITICAL
9.8 Jun 15

Remote code execution in kanishka-linux Reminiscence v0.3.0 allows unauthenticated attackers to execute arbitrary OS com
CVE-2026-38065 CRITICAL
9.8 Jun 15

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_ims_on_with_apn via the

CVE-2026-38060 CRITICAL
9.8 Jun 15

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_unlock_sim via the pin p
CVE-2026-38061 CRITICAL
9.8 Jun 15

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_set_volume via the volum
CVE-2026-38062 CRITICAL
9.8 Jun 15

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_set_rat_mode via the rat

Share

CVE-2025-66391 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy