CVE-2025-69908 | THREATINT

Description

An unauthenticated information disclosure vulnerability in Newgen OmniApp allows attackers to enumerate valid privileged usernames via a publicly accessible client-side JavaScript resource.

PUBLISHED Reserved 2026-01-09 | Published 2026-01-23 | Updated 2026-01-23 | Assigner mitre

References

newgensoft.com/

github.com/...oftware-Advisories/blob/main/CVE-2025-69908.md

cve.org (CVE-2025-69908)

nvd.nist.gov (CVE-2025-69908)

Download JSON