Unknown · Yaay Social Media App · CVE-2025-12008
**Name of the Vulnerable Software and Affected Versions**
Yaay Social Media App versions 3.8.0 through 24102025
**Description**
An authorization bypass exists due to a user-controlled key, which allows access to functionality not properly constrained by Access Control Lists (ACLs), which are sets of rules that define permissions for users or systems to access specific resources.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.