{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T22:05:43.022","vulnerabilities":[{"cve":{"id":"CVE-2025-15586","sourceIdentifier":"ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a","published":"2026-02-19T07:17:36.540","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"OGP-Website installs prior git commit 52f865a4fba763594453068acf8fa9e3fc38d663 are affected by a type juggling flaw which if exploited can result in authentication bypass without knowledge of the victim account's password."},{"lang":"es","value":"Las instalaciones de OGP-Website anteriores al commit de git 52f865a4fba763594453068acf8fa9e3fc38d663 se ven afectadas por una falla de manipulación de tipos que, si se explota, puede resultar en una omisión de autenticación sin conocimiento de la contraseña de la cuenta de la víctima."}],"metrics":{"cvssMetricV40":[{"source":"ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"references":[{"url":"https://github.com/OpenGamePanel/OGP-Website/commit/52f865a4fba763594453068acf8fa9e3fc38d663","source":"ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a"},{"url":"https://github.com/OpenGamePanel/OGP-Website/pull/644","source":"ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a"},{"url":"https://projectblack.io/blog/vibe-hacking-open-game-panel-rce/#vul-01-type-juggling-authentication-bypass","source":"ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a"}]}}]}