High severity8.6NVD Advisory· Published Apr 11, 2025· Updated Apr 15, 2026

CVE-2025-32367

Description

The Oz Forensics face recognition application before 4.0.8 late 2023 allows PII retrieval via /statistic/list Insecure Direct Object Reference. NOTE: the number 4.0.8 was used for both the unpatched and patched versions.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

medium.com/@antonsimonyan7/idor-in-oz-forensics-face-recognition-application-cve-2025-32367-53684ee312eanvd
ozforensics.comnvd

News mentions

No linked articles in our index yet.

cvss	0.559
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000