VYPR

Brics

by Brics Dev

Source repositories

CVEs (2)

  • CVE-2025-27580HigApr 24, 2025
    risk 0.49cvss 7.5epss 0.01

    NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 generates predictable tokens (that depend on username, time, and the fixed 7Dl9#dj- string) and thus allows unauthenticated users with a Common Access Card (CAC) to escalate privileges and…

  • CVE-2025-27581MedApr 24, 2025
    risk 0.28cvss 4.3epss 0.00

    NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 allows users who lack the InET role to access the InET module via direct requests to known endpoints.