Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
10.0
OGP-Website: Old Installs Open to Passwordless Access
CVE-2025-15586
Summary
If exploited, a security flaw in older versions of OGP-Website could allow an attacker to access your account without needing your password. This is a serious issue, as it means sensitive information could be accessed without your knowledge. Update to the latest version of OGP-Website to fix this vulnerability.
Original title
OGP-Website installs prior git commit 52f865a4fba763594453068acf8fa9e3fc38d663 are affected by a type juggling flaw which if exploited can result in authentication bypass without knowledge of the v...
Original description
OGP-Website installs prior git commit 52f865a4fba763594453068acf8fa9e3fc38d663 are affected by a type juggling flaw which if exploited can result in authentication bypass without knowledge of the victim account's password.
nvd CVSS4.0
10.0
Vulnerability type
CWE-287
Improper Authentication
Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026