How severe is CVE-2025-26485?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2025-26485?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2025-26485 - MEDIUM Severity | CVSS 5.8

Vulnerability Description

The Exposure of Sensitive Information to an Unauthorized Actor vulnerability impacting Beta80 Life 1st Identity Manager allows User Enumeration using Authentication Rest APIs. Affected: Life 1st version 1.5.2.14234. Different error messages are returned to failed authentication attempts in case of the usage of a wrong password or a non existent user. This issue affects Life 1st: 1.5.2.14234.

Related Vulnerabilities

CVE-2016-1321

MEDIUM

CVSS:5.8(Medium)

Cisco Universal Small Cell devices with firmware R2.12 through R3.5 contain an image-decryption key in flash memory, which allows remote attackers to bypass a certain certificate-validation feature an...

CWE-2002016

CVE-2017-0168

MEDIUM

CVSS:5.8(Medium)

An information disclosure vulnerability exists when the Windows Hyper-V Network Switch running on a Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, or Windows Server 201...

CWE-2002017

CVE-2017-3255

MEDIUM

CVSS:5.8(Medium)

Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: ADF Faces). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1....

CWE-2002017

CVE-2018-1612

MEDIUM

CVSS:5.8(Medium)

IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3) could allow a remote attacker to bypass authentication and obtain sensitive information. IBM X-Force ID: 144164.

CWE-2002018

CVE-2018-5477

MEDIUM

CVSS:5.8(Medium)

An Information Exposure issue was discovered in ABB netCADOPS Web Application Version 3.4 and prior, netCADOPS Web Application Version 7.1 and prior, netCADOPS Web Application Version 7.2x and prior, ...

CWE-2002018

CVE-2019-0048

MEDIUM

CVSS:5.8(Medium)

On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high priority. This rule is meant for reserved multica...

CWE-2002019