PatchSiren cyber security CVE debrief
CVE-2025-59133 Projectopia CVE debrief
CVE-2025-59133 is a HIGH severity vulnerability with a CVSS score of 7.5. It is an Insecure Direct Object References (IDOR) vulnerability affecting custom roles in Projectopia versions up to 5.1.25.2.
- Vendor: Projectopia
- Product: Unknown
- CVSS: HIGH 7.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-15
- Original CVE updated: 2026-06-15
- Advisory published: 2026-06-15
- Advisory updated: 2026-06-15
Who should care
Users of Projectopia plugin versions up to 5.1.25.2 should be aware of this vulnerability, especially those with custom roles configured.
Technical summary
The vulnerability allows attackers to access objects they are not authorized to access, because user requests are improperly validated. This could lead to data exposure.
Defensive priority
HIGH
Recommended defensive actions
- Update Projectopia to a version beyond 5.1.25.2 if possible.
- Review and restrict custom role permissions to minimize potential exposure.
- Monitor plugin and project activity for suspicious access patterns.
Evidence notes
Evidence suggests that this vulnerability was reported by [email protected] and is related to Projectopia plugin versions.
Official resources
- CVE-2025-59133 CVE record (CVE.org)
- CVE-2025-59133 NVD detail (NVD)
- Source item URL (nvd_modified)
- Mitigation or vendor reference
CVE-2025-59133 was published on 2026-06-15T21:16:37.933Z and modified on 2026-06-15T21:24:32.790Z.