PatchSiren cyber security CVE debrief

CVE-2025-68851 ArrayHQ CVE debrief

CVE-2025-68851 is a high-severity Unauthenticated Cross Site Scripting (XSS) vulnerability in Okay Toolkit versions <= 2. The vulnerability has a CVSS score of 7.1 and was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2025-68851).

Vendor: ArrayHQ
Product: Okay Toolkit
CVSS: HIGH 7.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-15
Original CVE updated: 2026-06-15
Advisory published: 2026-06-15
Advisory updated: 2026-06-15

Who should care

Users of Okay Toolkit versions <= 2.

Technical summary

CVE-2025-68851 is an Unauthenticated Cross Site Scripting (XSS) vulnerability in Okay Toolkit versions <= 2. The vulnerability has a CVSS score of 7.1 and a CVSS vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L.

Defensive priority

high

Recommended defensive actions

Update Okay Toolkit to a version greater than 2.

Evidence notes

Evidence for this CVE comes from Patchstack.

Official resources

CVE-2025-68851 CVE record
CVE.org
CVE-2025-68851 NVD detail
NVD
Source item URL
nvd_modified
Mitigation or vendor reference
[email protected]

CVE-2025-68851 was published on 2026-06-15T21:16:38.443Z and modified on 2026-06-15T21:24:32.790Z.