CVE-2025-51867 | THREATINT

Description

Insecure Direct Object Reference (IDOR) vulnerability in Deepfiction AI (deepfiction.ai) thru June 3, 2025, allowing attackers to chat with the LLM using other users' credits via sensitive information gained by the /browse/stories endpoint.

PUBLISHED Reserved 2025-06-16 | Published 2025-07-22 | Updated 2025-07-23 | Assigner mitre

References

github.com/Secsys-FDU/CVE-2025-51867

cve.org (CVE-2025-51867)

nvd.nist.gov (CVE-2025-51867)

Download JSON