CVE-2025-64487 HIGH

CVE-2025-64487: Outline is vulnerable to privilege escalation vulnerability in document sharing

Vendor Outline

Product outline

Weakness CWE-269

Published February 11, 2026

Last update February 11, 2026

View on NVD All CVEs

CVSS base score

7.6/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction Required

Confidentiality High

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

What the vulnerability does

01Description

Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a privilege escalation vulnerability exists in the Outline document management system due to inconsistent authorization checks between user and group membership management endpoints. This vulnerability is fixed in 1.1.0.

Key dates

02Disclosure timeline

February 11, 2026 CVE published

February 11, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-64487

Related vulnerabilities

CVE-2025-64487: Outline is vulnerable to privilege escalation vulnerability in document sharing

01Description

02Disclosure timeline

03References

04Related CVE