CVE 9.8 CRITICAL

CVE-2025-67165_CVE-2025-67165

December 17, 2025 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

An Insecure Direct Object Reference (IDOR) in Pagekit CMS v1.0.18 allows attackers to escalate privileges.

AI Analysis

Insecure Direct Object Reference (IDOR) vulnerability in Pagekit CMS v1.0.18 allowing privilege escalation

Basic Information

ID CVE-2025-67165

Source mitre

Published Dec 17, 2025 at 00:00

Modified Dec 17, 2025 at 18:48

Affected Product

Vendor Pagekit

Product Pagekit CMS

Version v1.0.18

Affected Versions n/a n/a n/a

CWE Classification

CWE-639

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor Pagekit

Product Pagekit CMS

Version v1.0.18

References

{
    "lastseen": "",
    "description": "An Insecure Direct Object Reference (IDOR) in Pagekit CMS v1.0.18 allows attackers to escalate privileges.",
    "published": "2025-12-17T00:00:00.000Z",
    "modified": "2025-12-17T18:48:24.402Z",
    "type": "cve",
    "title": "CVE-2025-67165",
    "source": "mitre",
    "references": "https://github.com/pagekit/pagekit\nhttps://github.com/pagekit/docs/blob/develop/user-interface/users.md#roles\nhttps://github.com/pagekit/docs/blob/develop/user-interface/users.md#permissions\nhttps://github.com/mbiesiad/vulnerability-research/tree/main/CVE-2025-67165",
    "id": "CVE-2025-67165",
    "bulletinFamily": "",
    "cwe": [
        "CWE-639"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Pagekit CMS",
    "version": "v1.0.18",
    "vendor": "Pagekit",
    "ai_description": "Insecure Direct Object Reference (IDOR) vulnerability in Pagekit CMS v1.0.18 allowing privilege escalation",
    "ai_severity": "Critical",
    "ai_vendor": "Pagekit",
    "ai_product": "Pagekit CMS",
    "ai_version": "v1.0.18",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply