Logging Exposure in PCL Community Edition for Minecraft Launcher
CVE-2025-54120

9.3CRITICAL

Key Information:

Vendor: Pcl-community
Status: Pcl2-ce
Vendor: CVE Published:; 23 July 2025

🔔 Create Pcl-community Vulnerability Alert

What is CVE-2025-54120?

In the PCL Community Edition of the Minecraft launcher, specifically in versions 2.12.0-beta.5 through 2.12.0-beta.9, user login credentials were inadvertently written to a local log file during the third-party login process. While the log file is not uploaded or shared automatically, users who manually transmit this log file may unintentionally expose their sensitive information. This risk has been addressed in version 2.12.0-beta.10, which eliminates the logging of sensitive login data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

PCL2-CE >= 2.12.0-beta.5, < 2.12.0-beta.10

References

https://github.com/PCL-Community/PCL2-CE/security/advisor...

x_refsource_CONFIRM

https://github.com/PCL-Community/PCL2-CE/commit/b72eaaef0...

x_refsource_MISC

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Jul 23, 2025

JSON

Pcl-community

What is CVE-2025-54120?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.