VYPR
High severity8.8NVD Advisory· Published Feb 13, 2026· Updated Jun 4, 2026

CVE-2025-14349

CVE-2025-14349

Description

Privilege Defined With Unsafe Actions, Missing Authentication for Critical Function vulnerability in Universal Software Inc. FlexCity/Kiosk allows Accessing Functionality Not Properly Constrained by ACLs, Privilege Escalation.

This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36.

Affected products

3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.