Skip to main content

Yaay Social Media App

1 CVEs product

Monthly

CVE-2025-12008 HIGH This Week

Authorization bypass in Yaay Social Media App versions 3.8.0 through 24102025 allows remote unauthenticated attackers to access restricted functionality and data by manipulating user-controlled key parameters. The vulnerability enables unauthorized access to features normally protected by access control lists (ACLs), potentially exposing user data, administrative functions, or content modification capabilities. TR-CERT has disclosed this issue with a CVSS base score of 8.8, requiring user interaction for exploitation. No evidence of active exploitation (not in CISA KEV) or public exploit code has been identified at time of analysis.

Authentication Bypass Yaay Social Media App
NVD
CVSS 3.1
8.8
EPSS
0.0%
EPSS 0% CVSS 8.8
HIGH This Week

Authorization bypass in Yaay Social Media App versions 3.8.0 through 24102025 allows remote unauthenticated attackers to access restricted functionality and data by manipulating user-controlled key parameters. The vulnerability enables unauthorized access to features normally protected by access control lists (ACLs), potentially exposing user data, administrative functions, or content modification capabilities. TR-CERT has disclosed this issue with a CVSS base score of 8.8, requiring user interaction for exploitation. No evidence of active exploitation (not in CISA KEV) or public exploit code has been identified at time of analysis.

Authentication Bypass Yaay Social Media App
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy