CVE-2025-57788: A vulnerability in a known login mechanism allows

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.

• EPSS 80.7% (99.2% percentile)
• CVSS 6.9 medium

Detection rules

• Commvault QLogin with PublicSharingUser and GUID Password (CVE-2025-57788) medium

Browse the CVE database

Read the full analysis on IntelFusions