CVE

CVE-2026-25126

PolarLearn's unvalidated vote direction allows vote count manipulation

CVE

CVE-2026-25126

PolarLearn's unvalidated vote direction allows vote count manipulation

PolarLearn is a free and open-source learning program. Prior to version 0-PRERELEASE-15, the vote API route (POST /api/v1/forum/vote) trusts the JSON body’s direction value without runtime validation. TypeScript types are not enforced at runtime, so an attacker can send arbitrary strings (e.g., "x") as direction. Downstream (VoteServer) treats any non-"up" and non-null value as a downvote and persists the invalid value in votes_data. This can be exploited to bypass intended business logic. Version 0-PRERELEASE-15 fixes the vulnerability.

Package Versions Affected

No items found.

Automatically patch vulnerabilities without upgrading

Fix Without Upgrading

Detect compatible fix

Apply safe remediation

Fix with a single pull request

CVSS Version

7.1

3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

Related Resources

No items found.

References

https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/25xxx/CVE-2026-25126.json, https://github.com/polarnl/PolarLearn/commit/e6227d94d0e53e854f6a46480db8cd1051184d41, https://github.com/polarnl/PolarLearn/security/advisories/GHSA-ghpx-5w2p-p3qp, https://nvd.nist.gov/vuln/detail/CVE-2026-25126

Severity

7.1

CVSS Score

Basic Information

Ecosystem

Base CVSS

7.1

EPSS Probability

0.0002%

EPSS Percentile

0.0495%

Introduced Version

Fix Available

e6227d94d0e53e854f6a46480db8cd1051184d41

Fix Critical Vulnerabilities Instantly

Secure your app without upgrading.

Fix Without Upgrading

Get a Demo

Let's Patch It!

CVE-2026-25126

CVE-2026-25126

Package Versions Affected

Automatically patch vulnerabilities without upgrading

CVSS Version

Related Resources

References

Severity

7.1

Basic Information

Fix Critical Vulnerabilities Instantly