CVE-2025-15602

Description

Snipe-IT has sensitive user attributes related to account privileges that are insufficiently protected against mass assignment

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://nvd.nist.gov/vuln/detail/CVE-2025-15602
• https://github.com/grokability/snipe-it
• https://github.com/grokability/snipe-it/releases/tag/v8.3.7
• https://snipeitapp.com
• https://www.vulncheck.com/advisories/snipe-it-mass-assignment-vulnerability-leading-to-privilege-escalation