CVE-2025-52085

Name of the Vulnerable Software and Affected Versions: Yoosee version 6.32.4

Description: An SQL injection flaw exists in the Yoosee application that allows authenticated users to inject arbitrary SQL queries through a request to a backend API endpoint. Successful exploitation can lead to the extraction of sensitive database information, including the database server banner and version, current database user and schema, DBMS user privileges, and arbitrary data from any table.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.