Incorrect Authorization Vulnerability in Library Automation System by Yordam Information Technology
CVE-2025-15023

8.8HIGH

Key Information:

Vendor: Yordam Information Technology Consulting, Training And Electronic Systems Industry And Trade Inc.
Status: Library Automation System
Vendor: CVE Published:; 14 May 2026

🔔 Create Yordam Information Technology Consulting, Training And Electronic Systems Industry And Trade Inc. Vulnerability Alert

What is CVE-2025-15023?

An incorrect authorization vulnerability exists in the Library Automation System developed by Yordam Information Technology. This flaw arises from improperly configured access control security levels, which could allow unauthorized users to access restricted areas of the application. Affected versions include those from v19.5 up to v22.1, making it essential for users to evaluate their systems and implement necessary safeguards to mitigate potential exploitation.

Affected Version(s)

Library Automation System v.19.5

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/...

government-resource

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2026
Vulnerability Reserved
Dec 22, 2025

Credit

anonymous

CVE-2025-15023 Data

JSON