VYPR
Unrated severityNVD Advisory· Published Aug 27, 2025· Updated Aug 27, 2025

CVE-2025-54598

CVE-2025-54598

Description

The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • eBay/eBay Seller Eventsdescription
  • Bevy/Bevy Eventllm-fuzzy
    Range: <=2025-07-22

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.