CVE 8.8 HIGH

RCE in Yordam Informatics’ Library Automation System_CVE-2025-15024

May 14, 2026 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

Improper Control of Generation of Code ('Code Injection') vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Remote Code Inclusion.

This issue affects Library Automation System: from v.19.5 before v.22.1.

AI Analysis

Remote Code Inclusion vulnerability in Yordam Informatics' Library Automation System

Basic Information

ID CVE-2025-15024

Source TR-CERT

Published May 14, 2026 at 17:48

Affected Product

Vendor Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc.

Product Library Automation System

Version v.19.5

Affected Versions Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System v.19.5

CWE Classification

CWE-94

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc.

Product Library Automation System

Version v.19.5 - v.22.1

References

siberguvenlik.gov.tr /guvenlik-bildirimleri/detay/tr-26-0240

{
    "lastseen": "",
    "description": "Improper Control of Generation of Code ('Code Injection') vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Remote Code Inclusion.\n\nThis issue affects Library Automation System: from v.19.5 before v.22.1.",
    "published": "2026-05-14T17:48:41.628Z",
    "modified": "2026-05-14T17:48:41.628Z",
    "type": "cve",
    "title": "RCE in Yordam Informatics' Library Automation System",
    "source": "TR-CERT",
    "references": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0240",
    "id": "CVE-2025-15024",
    "bulletinFamily": "",
    "cwe": [
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System v.19.5",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Library Automation System",
    "version": "v.19.5",
    "vendor": "Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc.",
    "ai_description": "Remote Code Inclusion vulnerability in Yordam Informatics' Library Automation System",
    "ai_severity": "High",
    "ai_vendor": "Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc.",
    "ai_product": "Library Automation System",
    "ai_version": "v.19.5 - v.22.1",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply