CVE-2025-65742

Published December 15th, 2025

View on NVD ↗

CVSS v3

8.2

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

An unauthenticated Broken Function Level Authorization (BFLA) vulnerability in Newgen OmniDocs v11.0 allows attackers to obtain sensitive information and execute a full account takeover via a crafted API request.

CBx216/CVE-2025-65742-Newgen-OmniDocs-LDAP-BFLA

Advisory for CVE-2025-65742 — Newgen OmniDocs LDAP Admin BFLA

GitHub