CVE-2025-69908

Published January 23rd, 2026

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

An unauthenticated information disclosure vulnerability in Newgen OmniApp allows attackers to enumerate valid privileged usernames via a publicly accessible client-side JavaScript resource.

CBx216/CVE-Newgen-Software-Advisories

Advisory for CVE-2025-65742 — Newgen OmniDocs LDAP Admin BFLA

GitHub