VYPR
Vendor

Bevy

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2025-54599Sep 2, 2025
    risk 0.00cvss epss 0.00

    The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows account takeover, if SSO is used, when a victim changes the email address that they have configured. To exploit this, an attacker would create their own account and perform an…

  • CVE-2025-54598Aug 27, 2025
    risk 0.00cvss epss 0.00

    The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI.