CVE Daily

CVE-2025-21618

NiceGUI is an easy-to-use, Python-based UI framework. Prior to 2.9.1, authentica...

High CVSS 7.5

Overview

NiceGUI is an easy-to-use, Python-based UI framework. Prior to 2.9.1, authenticating with NiceGUI logged in the user for all browsers, including browsers in incognito mode. This vulnerability is fixed in 2.9.1.

CWE: CWE-287 Published: 2025-01-06T17:15:47.660
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.5 (HIGH)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags