CVE-2025-67281 | THREATINT

Description

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple SQL injection vulnerabilities exists which allow a low privileged and administrative user to access the database and its content.

PUBLISHED Reserved 2025-12-08 | Published 2026-01-09 | Updated 2026-01-09 | Assigner mitre

References

tim-doc.atlassian.net/...s/eng/pages/230981636/Release+Notes

www.y-security.de/...uite-tim-flow-multiple-vulnerabilities/

cve.org (CVE-2025-67281)

nvd.nist.gov (CVE-2025-67281)

Download JSON