CVE-2025-64307 – Brightpick Mission Control / Internal Logic Control Missing Authentication for Critical Function

CVE ID : CVE-2025-64307

Published : Nov. 15, 2025, 12:15 a.m. | 46 minutes ago

Description : The Brightpick Internal Logic Control web interface is accessible
without requiring user authentication. An unauthorized user could
exploit this interface to manipulate robot control functions, including
initiating or halting runners, assigning jobs, clearing stations, and
deploying storage totes.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…