- Description
- An insufficient database Row-Level Security policy in Lovable through 2025-04-15 allows remote unauthenticated attackers to read or write to arbitrary database tables of generated sites.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
- CNA Tags
- exclusively-hosted-service
CVSS 3.1
- Type
- Secondary
- Base score
- 9.3
- Impact score
- 4.7
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
- Severity
- CRITICAL
- cve@mitre.org
- CWE-863
- Hype score
- Not currently trending
CVE-2025-48757 An insufficient database Row-Level Security policy in Lovable through 2025-04-15 allows remote unauthenticated attackers to read or write to arbitrary database tables… https://t.co/5hBWlYCs76
@CVEnew
30 May 2025
513 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-48757: CRITICAL] Beware! An inadequate database security policy in Lovable website until 2025-04-15 enables unauthorized remote access to sensitive data. #cybersecurity#cve,CVE-2025-48757,#cybersecurity https://t.co/CRGGZbMgaI https://t.co/0W44SrgoK8
@CveFindCom
30 May 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes