cvedb.io
CVE-2025-67418
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2025-12-22T20:15:45.303 · Last modified 2026-06-17T09:57:38.883

Summary

ClipBucket 5.5.2 is affected by an improper access control issue where the product is shipped or deployed with hardcoded default administrative credentials. An unauthenticated remote attacker can log in to the administrative panel using these default credentials, resulting in full administrative control of the application.

Affected products

oxygenz — clipbucket

Does this affect you?

Add your gear to cvedb and we'll alert you only when oxygenz ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.