Unrated severityOSV Advisory· Published Dec 16, 2025· Updated Dec 17, 2025
CVE-2025-64012
CVE-2025-64012
Description
InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: 0.9beta, v1.0.0, v1.0.1, …
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.