CVE 9.1 CRITICAL

CVE-2025-65830_CVE-2025-65830

December 11, 2025 invoker category_cve

9.1 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Description

Due to a lack of certificate validation, all traffic from the mobile application can be intercepted. As a result, an adversary located "upstream" can decrypt the TLS traffic, inspect its contents, and modify the requests in transit. This may result in a total compromise of the user's account if the attacker intercepts a request with active authentication tokens or cracks the MD5 hash sent on login.

AI Analysis

Lack of certificate validation allows interception and modification of mobile application traffic

Basic Information

ID CVE-2025-65830

Source mitre

Published Dec 10, 2025 at 00:00

Modified Dec 11, 2025 at 20:35

Affected Product

Vendor Meatmeet

Product Meatmeet-Pro

Version n/a

Affected Versions n/a n/a n/a

CWE Classification

CWE-295

AI Assessment

AI Score 9.1 / 10

AI Severity Critical

Vendor Meatmeet

Product Meatmeet-Pro

Version n/a

References

{
    "lastseen": "",
    "description": "Due to a lack of certificate validation, all traffic from the mobile application can be intercepted. As a result, an adversary located \"upstream\" can decrypt the TLS traffic, inspect its contents, and modify the requests in transit. This may result in a total compromise of the user's account if the attacker intercepts a request with active authentication tokens or cracks the MD5 hash sent on login.",
    "published": "2025-12-10T00:00:00.000Z",
    "modified": "2025-12-11T20:35:16.933Z",
    "type": "cve",
    "title": "CVE-2025-65830",
    "source": "mitre",
    "references": "https://github.com/dead1nfluence/Meatmeet-Pro-Vulnerabilities/blob/main/Mobile-Application/Lack-of-Certificate-Pinning.md\nhttps://gist.github.com/dead1nfluence/4dffc239b4a460f41a03345fd8e5feb5#file-lack-of-certificate-pinning-md",
    "id": "CVE-2025-65830",
    "bulletinFamily": "",
    "cwe": [
        "CWE-295"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.1,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Meatmeet-Pro",
    "version": "n/a",
    "vendor": "Meatmeet",
    "ai_description": "Lack of certificate validation allows interception and modification of mobile application traffic",
    "ai_severity": "Critical",
    "ai_vendor": "Meatmeet",
    "ai_product": "Meatmeet-Pro",
    "ai_version": "n/a",
    "ai_score": 9.1
}

💭 Join the Security Discussion ❌ Cancel Reply