CVE-2025-10174 | THREATINT

Description

Cleartext Transmission of Sensitive Information vulnerability in Pan Software & Information Technologies Ltd. PanCafe Pro allows Flooding. This issue affects PanCafe Pro: from < 3.3.2 through 23092025.

PUBLISHED Reserved 2025-09-09 | Published 2026-02-11 | Updated 2026-06-05 | Assigner TR-CERT

HIGH: 8.3CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

Problem types

CWE-319 Cleartext Transmission of Sensitive Information

Product status

Default status

unaffected

< 3.3.2 (custom)

affected

Credits

Muhammed İbrahim TEKİN finder

Teknopark İstanbul Mesleki Teknik Anadolu Lisesi coordinator

References

www.usom.gov.tr/bildirim/tr-26-0058 government-resource broken-link

siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0058 government-resource

cve.org (CVE-2025-10174)

nvd.nist.gov (CVE-2025-10174)

Download JSON