CVE-2025-41086 – Authorization bypass in GAMS from GAMS Development Corp.

CVE ID : CVE-2025-41086

Published : Dec. 2, 2025, 1:22 p.m. | 1 hour, 3 minutes ago

Description : Vulnerability in the access control system of the GAMS licensing system that allows unlimited valid licenses to be generated, bypassing any usage restrictions. The validator uses an insecure checksum algorithm; knowing this algorithm and the format of the license lines, an attacker can recalculate the checksum and generate a valid license to grant themselves full privileges without credentials or access to the source code, allowing them unrestricted access to GAMS’s mathematical models and commercial solvers.

Severity: 6.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…