Unrated severityNVD Advisory· Published Aug 27, 2025· Updated Aug 27, 2025

CVE-2025-54598

Description

The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI.

Affected products

eBay/eBay Seller Eventsdescription
Bevy/Bevy Eventllm-fuzzy
Range: <=2025-07-22

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bevy.com/b/events-and-groupsmitre
gist.github.com/deep1chil/057b63e62d4db6158a3ee28995fc246fmitre
github.com/actuator/cve/blob/main/Kuwfi/CVE-2025-43985.txtmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000