PT-2025-40867 · Unknown · Web Application Crede

Published: 2025-10-06 · Updated: 2025-10-06 · CVE-2025-58587

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Web Application Crede (affected versions not specified)

Description: The application lacks adequate protection against brute-force attacks on authentication. Specifically, it does not limit the number of failed login attempts within a defined timeframe, potentially allowing attackers to guess user credentials. The API endpoint used for authentication is susceptible to this type of attack. The vulnerable parameters involved in the authentication process include username and password.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration: Improper Restriction of Excessive Authentication Attempts

Related Identifiers: CVE-2025-58587

Affected Products: Web Application Crede