Authorization Bypass Vulnerability in CB Project Ltd. Co. CVLand
CVE-2025-0987

9.9CRITICAL

Key Information:

Vendor: Cb Project Ltd. Co.
Status: Cvland
Vendor: CVE Published:; 3 November 2025

🔔 Create Cb Project Ltd. Co. Vulnerability Alert

What is CVE-2025-0987?

An authorization bypass vulnerability exists in CB Project Ltd. Co.'s CVLand application, allowing unauthorized users to manipulate key parameters. This can lead to unauthorized access to sensitive information or functionalities, compromising the integrity and security of the application. Users are advised to review their installations of CVLand versions ranging from 2.1.0 up to 20251103 to ensure they are protected against potential exploitation.

Affected Version(s)

CVLand 2.1.0 <= 20251103

References

https://www.usom.gov.tr/bildirim/tr-25-0371

CVSS V3.1

Score:

9.9

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 3, 2025
Vulnerability Reserved
Feb 3, 2025

Credit

Ulaş GÜMÜŞTAŞ

JSON