CVE-2025-51867

Publication date

2025-07-22 00:00:00

Family

mitre

State

PUBLISHED

Description

Insecure Direct Object Reference (IDOR) vulnerability in Deepfiction AI (deepfiction.ai) thru June 3, 2025, allowing attackers to chat with the LLM using other users credits via sensitive information gained by the /browse/stories endpoint.