Rivek619/CVE-2025-65669

Releases0

An issue was discovered in classroomio 0.1.13. Student accounts are able to delete courses from the Explore page without any authorization or authentication checks, bypassing the expected admin-only deletion restriction. Discovered by - Rivek Raj Tamang (RivuDon), Sikkim, India.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-65669 ↗	Nov 26, 2025Wednesday, 26 November 2025, 19:15	9.1 CRITICAL	—
An issue was discovered in classroomio 0.1.13. Student accounts are able to delete courses from the Explore page without any authorization or authentication checks, bypassing the expected admin-only deletion restriction.