Unrated severityOSV Advisory· Published Dec 12, 2025· Updated Dec 18, 2025
Apache Fineract: weak password policy
CVE-2025-23408
Description
Weak Password Requirements vulnerability in Apache Fineract.
This issue affects Apache Fineract: through 1.10.1. The issue is fixed in version 1.11.0.
Users are encouraged to upgrade to version 1.13.0, the latest release.
Affected products
2Patches
Vulnerability mechanics
References
1- lists.apache.org/thread/bdlb6wl968yh1n48mr5npsk2spo6dncfmitrevendor-advisory
News mentions
0No linked articles in our index yet.