CVE-2025-1395

Sensitive Data Exposure in CoDeriApp's HeyGarson

CVSS 8.2 HIGHEPSS 0.3%CWE-209

Vexday Risk Score

21Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 8.2EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

30 ene 2026Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping. This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted several times to verifying fixing process but did not respond in any way.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Productos afectados

Codriapp Innovation and Software Technologies Inc. · HeyGarson

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0009 https://www.usom.gov.tr/bildirim/tr-26-0009