CVE-2025-64487 | THREATINT

Description

Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a privilege escalation vulnerability exists in the Outline document management system due to inconsistent authorization checks between user and group membership management endpoints. This vulnerability is fixed in 1.1.0.

PUBLISHED Reserved 2025-11-05 | Published 2026-02-11 | Updated 2026-02-11 | Assigner GitHub_M

HIGH: 7.6CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

Problem types

CWE-269: Improper Privilege Management

Product status

<= 1.0.1

affected

References

github.com/...utline/security/advisories/GHSA-c8xf-3j86-7686

github.com/outline/outline/releases/tag/v1.1.0

cve.org (CVE-2025-64487)

nvd.nist.gov (CVE-2025-64487)

Download JSON