CVE-2025-54591 | FreshRSS up to 1.26.x FreshRSS_Auth::hasAccess access control (GHSA-jf4v-f8p2-8xvq)

A vulnerability identified as critical has been detected in FreshRSS up to 1.26.x. Affected by this issue is the function FreshRSS_Auth::hasAccess. Performing manipulation results in improper access controls.

This vulnerability is cataloged as CVE-2025-54591. It is possible to initiate the attack remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More