What the vulnerability does
01Description
Missing Authorization vulnerability in Reoon Technology Reoon Email Verifier reoon-email-verifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reoon Email Verifier: from n/a through <= 2.0.1.
Explanation of Vulnerability in Simple Terms
02Summary
Reoon Email Verifier versions 2.0.1 and earlier lack proper authorization checks, allowing authenticated users to trigger a denial-of-service condition. An attacker with low-level account access can exhaust the application's availability without requiring user interaction. The vulnerability affects the service's ability to respond to legitimate requests.
What an attacker can do
03Attacker Capabilities
Disrupt the service's availability by exhausting resources through repeated requests.
Potential impact on your site
04Site Impact
Legitimate users may experience service unavailability or degraded performance during an attack.
Conditions required to exploit
05Prerequisites
Attacker must have a valid low-privilege account on the system.
Key dates
06Disclosure timeline
October 27, 2025
CVE published
April 28, 2026
Record updated