HIGH
Opto 22
CVE published 2025-11-25
CVE-2025-13084
CVE-2025-13084 is a high-severity information exposure issue in Opto 22 groov View. According to the CISA advisory, the groov View API users endpoint can return a list of all users and associated metadata, including API keys. The endpoint requires an Editor role, but it can reveal API keys for all users, including Administrators. Opto 22 has released a fix and recommends upgrading affected systems.