PatchSiren cyber security CVE debrief
CVE-2025-10174 Pan Software & Information Technologies Ltd. CVE debrief
A Cleartext Transmission of Sensitive Information vulnerability was discovered in PanCafe Pro, a product by Pan Software & Information Technologies Ltd. This vulnerability, tracked as CVE-2025-10174, has a CVSS score of 8.3 and is classified as HIGH severity. The issue allows for Flooding and affects PanCafe Pro versions from before 3.3.2 through 23092025.
- Vendor
- Pan Software & Information Technologies Ltd.
- Product
- PanCafe Pro
- CVSS
- HIGH 8.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-02-11
- Original CVE updated
- 2026-06-05
- Advisory published
- 2026-02-11
- Advisory updated
- 2026-06-05
Who should care
Users of PanCafe Pro, particularly those using versions before 3.3.2 through 23092025, should be aware of this vulnerability and take necessary actions to mitigate the risk.
Technical summary
The vulnerability is caused by the cleartext transmission of sensitive information in PanCafe Pro. This allows an attacker to exploit the vulnerability and potentially lead to Flooding.
Defensive priority
HIGH
Recommended defensive actions
- Update PanCafe Pro to version 3.3.2 or later.
- Implement secure communication protocols to prevent cleartext transmission of sensitive information.
Evidence notes
The CVE record for CVE-2025-10174 was published on [cve-org](https://www.cve.org/CVERecord?id=CVE-2025-10174). The NVD detail for this vulnerability can be found at [nvd](https://nvd.nist.gov/vuln/detail/CVE-2025-10174). Additional information is available at [ref-4](https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0058) and [ref-5](https://www.usom.gov.tr/bildirim/tr-26-0058).
Official resources
CVE-2025-10174 was published on 2026-02-11T12:16:01.580Z and modified on 2026-06-05T11:16:32.867Z.