CVE-2026-25875

Publication date

2026-02-09 21:07:15

Family

GitHub_M

State

PUBLISHED

Description

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The admin authorization middleware trusts client-controlled JWT claims (role and scope) without enforcing server-side role verification.