{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-15626", "assignerOrgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "state": "PUBLISHED", "assignerShortName": "NCSC-FI", "dateReserved": "2026-04-09T08:02:43.824Z", "datePublished": "2026-04-27T12:47:43.307Z", "dateUpdated": "2026-04-27T13:57:35.842Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "shortName": "NCSC-FI", "dateUpdated": "2026-04-27T12:47:43.307Z"}, "title": "Authenticated user can bypass authorization in Ribblr - Crochet & Knitting iOS application", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-639", "description": "CWE-639 Authorization bypass through User-Controlled key", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-122", "descriptions": [{"lang": "en", "value": "CAPEC-122 Privilege Abuse"}]}], "affected": [{"vendor": "Ribblr", "product": "Crotchet and Knitting", "platforms": ["iOS"], "versions": [{"status": "affected", "version": "2.5"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "Authenticated user can bypass authorization in Ribblr - Crochet & Knitting iOS application", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Authenticated user can bypass authorization in Ribblr - Crochet & Knitting iOS application"}]}], "references": [{"url": "https://ribblr.com/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "YES", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y"}}], "credits": [{"lang": "en", "value": "Aino Kivilahti", "type": "finder"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-27T13:57:28.918618Z", "id": "CVE-2025-15626", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T13:57:35.842Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-15626", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-27T13:57:28.918618Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T13:57:32.033Z"}}], "cna": {"title": "Authenticated user can bypass authorization in Ribblr - Crochet & Knitting iOS application", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Aino Kivilahti"}], "impacts": [{"capecId": "CAPEC-122", "descriptions": [{"lang": "en", "value": "CAPEC-122 Privilege Abuse"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.3, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Ribblr", "product": "Crotchet and Knitting", "versions": [{"status": "affected", "version": "2.5"}], "platforms": ["iOS"], "defaultStatus": "affected"}], "references": [{"url": "https://ribblr.com/"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "Authenticated user can bypass authorization in Ribblr - Crochet & Knitting iOS application", "supportingMedia": [{"type": "text/html", "value": "Authenticated user can bypass authorization in Ribblr - Crochet & Knitting iOS application", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-639", "description": "CWE-639 Authorization bypass through User-Controlled key"}]}], "providerMetadata": {"orgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "shortName": "NCSC-FI", "dateUpdated": "2026-04-27T12:47:43.307Z"}}}, "cveMetadata": {"cveId": "CVE-2025-15626", "state": "PUBLISHED", "dateUpdated": "2026-04-27T13:57:35.842Z", "dateReserved": "2026-04-09T08:02:43.824Z", "assignerOrgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "datePublished": "2026-04-27T12:47:43.307Z", "assignerShortName": "NCSC-FI"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Authenticated user can bypass authorization in Ribblr - Crochet & Knitting iOS application"}], "id": "CVE-2025-15626", "lastModified": "2026-04-27T18:57:20.293", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "YES", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "type": "Secondary"}]}, "published": "2026-04-27T14:16:21.513", "references": [{"source": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "url": "https://ribblr.com/"}], "sourceIdentifier": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "db4dfee8-a97e-4877-bfae-eba6d14a2166", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": ["ios"], "status": "affected", "versions": {"scheme": "generic", "value": "2.5"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Crotchet and Knitting", "source": "cna", "vendor": "Ribblr"}, "product": "crotchet_and_knitting", "vendor": "ribblr"}], "analysis": {"en": {"generated_at": "2026-04-28T19:46:12.449672+00:00", "value": {"mitigation_remediation": ["Contact Ribblr support for a patch or guidance on how to mitigate the vulnerability.", "Ensure that all privileged operations on the server perform a server\u2011side role or permission check and reject any requests that do not meet the required access level.", "Restrict and validate API endpoints so that calls to privileged functions cannot be invoked by lower\u2011privilege users, and enforce strict request validation on the server."], "summary": {"action": "Update", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The affected product, as identified by the CNA, is the Ribblr:Crotchet and Knitting iOS application. No specific version information is provided in the advisory, so all releases of the app could be affected until the vendor delivers a patch. Administrators should verify the installed version on user devices to assess exposure.", "description_and_impact": "The vulnerability in the Ribblr:Crotchet and Knitting iOS application allows an authenticated user to bypass the application\u2019s intended authorization controls, enabling them to perform actions that should be reserved for higher\u2011privilege users. The weakness is classified as CWE\u2011639, indicating that an attacker can alter the role or permission context of an authenticated user. While it does not provide arbitrary code execution or denial of service, the impact includes unauthorized data disclosure, content modification, or other privileged actions that compromise the integrity and confidentiality of the application data.", "risk_and_exploitability": "The CVSS base score of 5.3 indicates moderate severity. An EPSS score is not available, so a precise exploitation probability cannot be quantified, but the absence of a KEV listing suggests no documented exploitation at present. Based on the description, the likely attack vector involves an authenticated user manipulating client\u2011side requests or data to override authorization checks. Successful exploitation requires only valid credentials and does not need additional privileges beyond regular application access."}}}}, "created": "2026-04-28T09:17:10.399341+00:00", "updated": "2026-04-28T20:00:19.846982+00:00", "vendors": ["ribblr", "ribblr$PRODUCT$crotchet_and_knitting"]}