CVE-2025-59826

CVSS v3.1

7.6

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

Name of the Vulnerable Software and Affected Versions Flag Forge versions prior to 2.2.0

Description Flag Forge is a Capture The Flag (CTF) platform. Non-admin users are able to create arbitrary challenges, which could lead to the introduction of malicious, incorrect, or misleading content.

Recommendations Update to version 2.2.0 or later.

Exploit

Fix

LPE

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2025-59826

GHSA-Q7PG-QCHV-3PC5

Affected Products

Flagforge

CVE-2025-59826

Weakness Enumeration

Related Identifiers

Affected Products

References · 10