CVE-2025-65113 MEDIUM

CVE-2025-65113: ClipBucket v5 Unauthenticated Object Flagging Vulnerability

Vendor Macwarrior
Product clipbucket-v5
Weakness CWE-770 · Uncontrolled resource consumption
Published November 29, 2025
Last update December 1, 2025

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.2 - #164, an authorization bypass vulnerability in the AJAX flagging system allows any unauthenticated user to flag any content (users, videos, photos, collections) on the platform. This can lead to mass flagging attacks, content disruption, and moderation system abuse. This issue has been patched in version 5.5.2 - #164.

Key dates

02Disclosure timeline

November 29, 2025 CVE published
December 1, 2025 Record updated