CVE-2025-68110

216.73.216.82

· Published 17/12/2025 22:16 · Modified 18/12/2025 18:29

Labels: CVE-2025-68110 2025-12-17 CVE-2025-68110 [email protected]

Essential information

Published: 17/12/2025 22:16
Modified: 18/12/2025 18:29
Author: —
Creator: —
CVSS: 9.9 CRITICAL (v3.1)
CISA KEV: No
CWE: —
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CVSS metrics

Description

ChurchCRM is an open-source church management system. Versions prior to 6.5.3 may disclose database information in an error message including the host, ip, username, and password. Version 6.5.3 fixes the issue.

NVD status

Status: Analyzed — CVE has had analysis completed and all data associations made.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
churchcrm / churchcrm	`cpe:2.3:a:churchcrm:churchcrm::::::::`