CVE-2025-56219

CVSS v3.1

7.1

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Name of the Vulnerable Software and Affected Versions SigningHub version 8.6.8

Description An issue exists in SigningHub version 8.6.8 where incorrect access control allows attackers to create an unlimited number of user accounts. The absence of rate limiting enables attackers to exhaust system resources, potentially leading to a Denial of Service (DoS). The affected functionality involves adding packages via an API.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2025-56219

Affected Products

Signinghub

CVE-2025-56219

Weakness Enumeration

Related Identifiers

Affected Products

References · 12