CVE-2025-12925

Name of the Vulnerable Software and Affected Versions rymcu forest (affected versions not specified)

Description A security flaw exists due to missing authorization. The issue affects the getAll/addDic/getAllDic/deleteDic function within the src/main/java/com/rymcu/forest/lucene/api/UserDicController.java file. The attack can be launched remotely. The product operates on a rolling release basis, meaning there are no specific version details for affected or updated releases.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.