CVE-2025-48741 – StrangeBee TheHive Broken Access Control Vulnerability

CVE ID : CVE-2025-48741

Published : May 23, 2025, 8:15 p.m. | 1 hour, 5 minutes ago

Description : A Broken Access Control vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, and 5.4.0 before 5.4.10 allows remote, authenticated, and unprivileged users to retrieve alerts, cases, logs, observables, or tasks, regardless of the user’s permissions, through a specific API endpoint.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…