Authorization Bypass Vulnerability in Akinsoft OctoCloud
CVE-2025-0640

4.7MEDIUM

Key Information:

Vendor: Akinsoft
Status: Octocloud
Vendor: CVE Published:; 2 September 2025

What is CVE-2025-0640?

A vulnerability present in Akinsoft's OctoCloud allows for an authorization bypass through a user-controlled key. This flaw can lead to resource leak exposure, potentially compromising sensitive data and system integrity. The affected versions range from s1.09.02 to below v1.11.01, highlighting the need for prompt updates and security assessments to mitigate risks associated with unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

OctoCloud s1.09.02

References

https://www.usom.gov.tr/bildirim/tr-25-0203

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 2, 2025
Vulnerability Reserved
Jan 22, 2025

Credit

Berat ARSLAN

JSON

Akinsoft