CVE-2025-40676 | BBMRI-ERIC Negotiator up to 3.15.4 /api/v3/users/ userID authorization (EUVD-2025-32714)

A vulnerability classified as problematic was found in BBMRI-ERIC Negotiator up to 3.15.4. This affects an unknown part of the file /api/v3/users/. Such manipulation of the argument userID leads to authorization bypass.

This vulnerability is uniquely identified as CVE-2025-40676. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More