CVE-2025-48757

Severity: Critical
Year: 2025
CVSS v3 Score: 9.3 (Critical)

Vulnerability Description

An insufficient database Row-Level Security policy in Lovable through 2025-04-15 allows remote unauthenticated attackers to read or write to arbitrary database tables of generated sites.

CVSS: 9.3 (Critical)

Polr is an open source URL shortener. In Polr before version 2.3.0, a vulnerability in the setup process allows attackers to gain admin access to site instances, even if they do not possess an existin...

CVSS: 9.3 (Critical)

A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services Gateways may allow an attacker to bypass Juniper Deep Packet Inspection (JDPI) rules and access unauthori...

CVSS: 9.3 (Critical)

A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for Wireless Controllers could allow an unauthenticated, adjacent attacker to bypass the pre-authentication acc...

CVSS: 9.3 (Critical)

The APK file in Cloud Smart Lock v2.0.1 has leaked a URL that can call an API for binding physical devices. This vulnerability allows attackers to arbitrarily construct a request to use the app to b...

CVSS: 9.1 (Critical)

IcedTea6 before 1.7.4 does not properly check property access, which allows unsigned apps to read and write arbitrary files.

CVSS: 9.1 (Critical)

Verax NMS prior to 2.1.0 has multiple security bypass vulnerabilities.