CVE-2025-14086 | youlaitech youlai-mall 1.0.0/2.0.0 openid access control

A vulnerability, which was classified as critical, was found in youlaitech youlai-mall 1.0.0/2.0.0. Affected is an unknown function of the file /app-api/v1/members/openid/. The manipulation of the argument openid results in improper access controls.

This vulnerability is identified as CVE-2025-14086. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More