CVE-2025-7708

MEDIUM 6.8

Sensitive Data Exposure in Atlas Software's k12net

CVSS Score

6.8

EPSS Score

0.0%

EPSS Percentile

4th

Insertion of Sensitive Information Into Sent Data vulnerability in Atlas Educational Software Industry Ltd. Co. K12net allows Communication Channel Manipulation.This issue affects k12net: through 09022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CWE	CWE-201
Vendor	atlas educational software industry ltd. co.
Product	k12net
Published	Feb 9, 2026
Last Updated	Mar 25, 2026

Stay Ahead of the Next One

Get instant alerts for atlas educational software industry ltd. co. k12net

Be the first to know when new medium vulnerabilities affecting atlas educational software industry ltd. co. k12net are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

Low

Availability

Low

Affected Versions

Atlas Educational Software Industry Ltd. Co. / k12net

0 ≤ 09022026

References

NVD ↗ CVE.org ↗ EPSS Data ↗

usom.gov.tr: https://www.usom.gov.tr/bildirim/tr-26-0021

Credits

Şahnur Eren ALOĞLU