Critical severityOSV Advisory· Published Dec 17, 2025· Updated Dec 17, 2025
CVE-2025-67165
CVE-2025-67165
Description
An Insecure Direct Object Reference (IDOR) in Pagekit CMS v1.0.18 allows attackers to escalate privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
pagekit/pagekitPackagist | <= 1.0.18 | — |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-w3j8-9p3j-3wjxghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-67165ghsaADVISORY
- github.com/mbiesiad/vulnerability-research/tree/main/CVE-2025-67165ghsaWEB
- github.com/pagekit/docs/blob/develop/user-interface/users.mdghsaWEB
- github.com/pagekit/docs/blob/develop/user-interface/users.mdghsaWEB
News mentions
0No linked articles in our index yet.