VYPR
Medium severity6.5NVD Advisory· Published Nov 15, 2025· Updated Apr 15, 2026

CVE-2025-64307

CVE-2025-64307

Description

The Brightpick Internal Logic Control web interface is accessible without requiring user authentication. An unauthorized user could exploit this interface to manipulate robot control functions, including initiating or halting runners, assigning jobs, clearing stations, and deploying storage totes.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.