CVE-2026-10295

LOW 3.3

SourceCodester Customer Review App review_app.py get_all_reviews denial of service

CVSS Score

3.3

EPSS Score

0.0%

EPSS Percentile

2th

A vulnerability was found in SourceCodester Customer Review App 1.0. Affected by this vulnerability is the function add_review/save_review/get_all_reviews of the file review_app.py. Performing a manipulation of the argument name/comment results in denial of service. The attack requires a local approach. The exploit has been made public and could be used.

CWE	CWE-404
Vendor	sourcecodester
Product	customer review app
Published	Jun 1, 2026
Last Updated	Jun 3, 2026

Stay Ahead of the Next One

Get instant alerts for sourcecodester customer review app

Be the first to know when new low vulnerabilities affecting sourcecodester customer review app are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

SourceCodester / Customer Review App

1.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/vuln/367588 vuldb.com: https://vuldb.com/vuln/367588/cti vuldb.com: https://vuldb.com/cve/CVE-2026-10295 vuldb.com: https://vuldb.com/submit/826530 pastebin.com: https://pastebin.com/Ud5vaGp6 sourcecodester.com: https://www.sourcecodester.com/

Credits

🔍 ameenkbrd (VulDB User)