🔐 CVE Alert

CVE-2025-11025

MEDIUM 5.3

Information Disclosure in Vimeosoft Information Technologies' Vimesoft Corporate Messaging Platform

CVSS Score
5.3
EPSS Score
0.0%
EPSS Percentile
11th

Insertion of Sensitive Information Into Sent Data vulnerability in Vimesoft Information Technologies and Software Inc. Vimesoft Corporate Messaging Platform allows Retrieve Embedded Sensitive Data. This issue affects Vimesoft Corporate Messaging Platform: from V1.3.0 before V2.0.0.

CWE CWE-201
Vendor vimesoft information technologies and software inc.
Product vimesoft corporate messaging platform
Published Sep 26, 2025
Last Updated Jun 4, 2026
Stay Ahead of the Next One

Get instant alerts for vimesoft information technologies and software inc. vimesoft corporate messaging platform

Be the first to know when new medium vulnerabilities affecting vimesoft information technologies and software inc. vimesoft corporate messaging platform are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Affected Versions

Vimesoft Information Technologies and Software Inc. / Vimesoft Corporate Messaging Platform
V1.3.0 < V2.0.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗
usom.gov.tr: https://www.usom.gov.tr/bildirim/tr-25-0300 siberguvenlik.gov.tr: https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0300

Credits

Berat AKŞİT Sencer KILIÇ 🔍 Berat AKŞİT