← back
CVE-2025-15023

Improper Access Control in Yordam Informatics' Library Automation System

CVSS 8.8 HIGHEPSS 0.2%CWE-863
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.8EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
14 May 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Library Automation System: from v.19.5 before v.22.1.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. · Library Automation System

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0240