cvedb.io
CVE-2026-25809
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2026-02-09T21:15:49.957 · Last modified 2026-06-17T10:25:16.810

Summary

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the code evaluation endpoint does not validate the assessment lifecycle state before allowing execution. There is no check to ensure that the assessment has started, is not expired, or the submission window is currently open.

Affected products

prasklatechnology — placipy

Does this affect you?

Add your gear to cvedb and we'll alert you only when prasklatechnology ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.