CVE-2025-43856: OAuth2 Account Hijacking Flaw Found in Immich, a Popular Self-Hosted Photo Platform

July 15, 2025

CVE-2025-43856: OAuth2 Account Hijacking Flaw Found in Immich, a Popular Self-Hosted Photo Platform

A critical vulnerability has been disclosed in Immich, a rapidly growing open-source project for self-hosted photo and video management, with over 70,000 stars on GitHub. Tracked as CVE-2025-43856 and …

Published Date:
Jul 15, 2025 (16 hours, 21 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-53833

CVE-2025-43856

CVE-2024-9014

Source: Read More

Previous ArticleHazyBeacon: Novel Backdoor Uses AWS Lambda for Stealthy C2, Targets Govts

Next Article Preventing Zero-Click AI Threats: Insights from EchoLeak

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Look out, Meta Ray-Bans! These AI glasses just raised over $1M in pre-orders in 3 days

Samsung ‘Galaxy Glasses’ powered by Android XR are reportedly on track to be unveiled this month

The M4 iPad Pro is discounted $100 as a last-minute Labor Day deal

Distribution Release: Linux From Scratch 12.4

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

August report 2025

Fake News Detection using Python Machine Learning (ML)

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Download Transcribe! for Windows

Microsoft Fixes CertificateServicesClient (CertEnroll) Error in Windows 11

CVE-2025-43856: OAuth2 Account Hijacking Flaw Found in Immich, a Popular Self-Hosted Photo Platform

CVE-2025-43856: OAuth2 Account Hijacking Flaw Found in Immich, a Popular Self-Hosted Photo Platform

Hacker suspected of trying to cheat his way into university is arrested in Spain

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

CVE-2025-0324 – VAPIX Device Configuration Privilege Escalation

CVE-2025-9688 – Mupen64Plus Remote Integer Overflow Vulnerability

Node.js vs Django: Discover the Top Backend Framework for 2025

Celebrating an academic-industry collaboration to advance vehicle technology

Containerize legacy Spring Boot application using Amazon Q Developer CLI and MCP server

CVE-2025-48706 – Coros PACE 3 BLE Out-of-Bounds Read Reboot Vulnerability

CVE-2025-5287 – WordPress Likes and Dislikes Plugin SQL Injection

CVE-2025-39460 – ThimPress Eduma Missing Authorization Vulnerability

CVE-2025-43856: OAuth2 Account Hijacking Flaw Found in Immich, a Popular Self-Hosted Photo Platform

CVE-2025-43856: OAuth2 Account Hijacking Flaw Found in Immich, a Popular Self-Hosted Photo Platform

Related Posts