cvedb.io
CVE-2025-9109
LOW · CVSS 3.7
EPSS exploitation probability: 0%
Published 2025-08-18T06:15:30.250 · Last modified 2026-06-17T10:08:20.583

Summary

A security flaw has been discovered in Portabilis i-Diario up to 1.5.0. Affected by this vulnerability is an unknown functionality of the file /password/email of the component Password Recovery Endpoint. The manipulation results in observable response discrepancy. It is possible to launch the attack remotely. This attack is characterized by high complexity. The exploitation appears to be difficult. The exploit has been released to the public and may be exploited.

Affected products

portabilis — i-diario

Does this affect you?

Add your gear to cvedb and we'll alert you only when portabilis ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.