PT-2026-45638 · Sourcecodester · Customer Review App
Ameenkbrd · Published 2026-06-01 · Updated 2026-06-01
CVE-2026-10295
CVSS v3.1: 3.3 (Low)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions
SourceCodester Customer Review App version 1.0
Description
A denial of service can be triggered through the manipulation of the name and comment arguments. This issue affects the add_review(), save_review(), and get_all_reviews() functions within the review_app.py file. The attack requires local access.
Recommendations
Update SourceCodester Customer Review App version 1.0 to a patched version.
As a temporary workaround, restrict access to the add_review(), save_review(), and get_all_reviews() functions in the review_app.py file.
Exploit
Fix
Improper Resource Release
Weakness Enumeration
Related Identifiers
Affected Products
Customer Review App