PlaciPy Exposes Sensitive Data via Application Logs_CVE-2026-25813

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Description

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The application logs highly sensitive data directly to console output without masking or redaction.

AI Analysis

Sensitive data exposure via application logs in PlaciPy version 1.0.0

Basic Information

ID CVE-2026-25813

Source GitHub_M

Published Feb 9, 2026 at 21:04

Affected Product

Vendor Praskla-Technology

Product assessment-placipy

Version = 1.0.0

Affected Versions Praskla-Technology assessment-placipy = 1.0.0

CWE Classification

CWE-532

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Praskla-Technology

Product PlaciPy

Version 1.0.0

References

github.com /Praskla-Technology/assessment-placipy/security/advisories/GHSA-3647-q595-wfr2

{
    "lastseen": "",
    "description": "PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The application logs highly sensitive data directly to console output without masking or redaction.",
    "published": "2026-02-09T21:04:46.261Z",
    "modified": "2026-02-09T21:04:46.261Z",
    "type": "cve",
    "title": "PlaciPy Exposes Sensitive Data via Application Logs",
    "source": "GitHub_M",
    "references": "https://github.com/Praskla-Technology/assessment-placipy/security/advisories/GHSA-3647-q595-wfr2",
    "id": "CVE-2026-25813",
    "bulletinFamily": "",
    "cwe": [
        "CWE-532"
    ],
    "cvelist": null,
    "sourceData": "Praskla-Technology assessment-placipy = 1.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "assessment-placipy",
    "version": "= 1.0.0",
    "vendor": "Praskla-Technology",
    "ai_description": "Sensitive data exposure via application logs in PlaciPy version 1.0.0",
    "ai_severity": "High",
    "ai_vendor": "Praskla-Technology",
    "ai_product": "PlaciPy",
    "ai_version": "1.0.0",
    "ai_score": 8.7
}