High severity7.3NVD Advisory· Published Feb 19, 2026· Updated Jun 5, 2026
CVE-2025-9062
CVE-2025-9062
Description
Authorization Bypass Through User-Controlled Key vulnerability in MeCODE Informatics and Engineering Services Ltd. Envanty allows Parameter Injection.
This issue affects Envanty: before 1.0.6.
NOTE: The vendor was contacted early about this disclosure but did not respond in any way. The vulnerability was learned to be remediated through reporter information and testing.
Affected products
1- Range: <1.0.6
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.