Description

Authorization Bypass Through User-Controlled Key vulnerability in MeCODE Informatics and Engineering Services Ltd. Envanty allows Parameter Injection.This issue affects Envanty: before 1.0.6.   NOTE: The vendor was contacted early about this disclosure but did not respond in any way. The vulnerability was learned to be remediated through reporter information and testing.

INFO

Published Date :

2026-02-19T10:57:15.180Z

Last Modified :

2026-03-25T13:56:00.857Z

Source :

TR-CERT
AFFECTED PRODUCTS

The following products are affected by CVE-2025-9062 vulnerability.

Vendors Products
Mecode Informatics And Engineering Services
  • Envanty
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-9062.

URL Resource
https://www.usom.gov.tr/bildirim/tr-26-0076 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact