CVE-2025-62720

LinkAce: Data Exfiltration via Export Functions Allow Access to All Users' Private Links

CVSS 7.1 HIGHEPSS 0.3%CWE-200 CWE-284

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 7.1EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

04 Nov 2025Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

LinkAce is a self-hosted archive to collect website links. Versions 2.3.1 and below allow any authenticated user to export the entire database of links from all users in the system, including private links that should only be accessible to their owners. The HTML and CSV export functions in the ExportController class retrieve all links without applying any ownership or visibility filtering, effectively bypassing all access controls implemented elsewhere in the application. This issue is fixed in version 2.4.0.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected products

Kovah · LinkAce

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/Kovah/LinkAce/commit/0ba49dba5176db390999de1f90b9d743a4aedc24 https://github.com/Kovah/LinkAce/releases/tag/v2.4.0 https://github.com/Kovah/LinkAce/security/advisories/GHSA-cqxv-6v28-2f2h