CVE-2025-63314 | DDSN Acora CMS 10.7.1 Password Reset Token password recovery

January 12, 2026 Yanac

A vulnerability labeled as critical has been found in DDSN Acora CMS 10.7.1. The impacted element is an unknown function of the component Password Reset Token Handler. Such manipulation leads to weak password recovery.

This vulnerability is referenced as CVE-2025-63314. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More

CVE-2025-68656 | Espressif esp-usb up to 1.0.x usb_class_request_get_descriptor use after free
CVE-2025-68276 | Avahi up to 0.9-rc2 mDNS/DNS-SD RecordBrowserNew assertion