CVE-2025-62406 | Piwigo 15.6.0 Password Reset password recovery (GHSA-9986-w7jf-33f6)

A vulnerability classified as critical was found in Piwigo 15.6.0. This affects an unknown part of the component Password Reset Handler. Such manipulation leads to weak password recovery.

This vulnerability is documented as CVE-2025-62406. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More