PatchSiren cyber security CVE debrief

CVE-2021-45475 Yordam CVE debrief

CVE-2021-45475 is a medium-severity information disclosure vulnerability affecting Yordam Library Automation System versions prior to 19.02. The vulnerability allows unauthenticated attackers to access sensitive information without requiring authentication credentials. The issue was publicly disclosed on October 27, 2022, with the most recent modification to the CVE record occurring on May 18, 2026. The vulnerability is classified under CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor) and carries a CVSS 3.1 score of 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N), indicating network-accessible, low-complexity attacks that require no privileges or user interaction, with limited confidentiality impact. The affected product is Yordam's Library Information Document Automation system, a library management solution. The vulnerability was reported through Turkish cybersecurity authorities, with advisories published by both the National Cyber Security Incident Response Center (USOM) and the Cyber Security Directorate. Organizations running affected versions should upgrade to version 19.02 or later to remediate this vulnerability.