Apache · Apache Fineract · CVE-2025-58137
**Name of the Vulnerable Software and Affected Versions**
Apache Fineract versions through 1.11.0
**Description**
An authorization bypass exists in Apache Fineract due to a user-controlled key issue. This allows for potential unauthorized access. The issue is addressed in version 1.12.1, and upgrading to version 1.13.0 is recommended.
**Recommendations**
Upgrade to version 1.13.0 or later.