CVE-2025-61117 – Senza: Keto & Fasting Android App Account Takeover Vulnerability

CVE ID : CVE-2025-61117

Published : Oct. 30, 2025, 4:15 p.m. | 1 hour, 10 minutes ago

Description : Senza: Keto & Fasting Android App version 2.10.15 (package name com.gl.senza), developed by Paul Itoi, contains an improper access control vulnerability. By exploiting insufficient checks in user data API endpoints, attackers can obtain authentication tokens and perform account takeover. Successful exploitation could result in unauthorized account access, privacy breaches, and misuse of the platform.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…