VYPR

openml.org

by openml

CVEs (2)

  • CVE-2025-55796Nov 18, 2025
    risk 0.00cvss epss 0.01

    The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current…

  • CVE-2025-55795Sep 29, 2025
    risk 0.00cvss epss 0.00

    The openml/openml.org web application version v2.0.20241110 uses incremental user IDs and insufficient email ownership verification during email update workflows. An authenticated attacker controlling a user account with a lower user ID can update their email address to that of…