CVE-2025-67280 - TIM BPM Suite/TIM FLOW Hibernate Query Language Injection Vulnerabilities - 2025 Update

CVE ID : CVE-2025-67280 Published : Jan. 9, 2026, 4:16 p.m. | 1 hour, 8 minutes ago Description : In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Hibernate Query Language injection vulnerabilities exist which allow a low privileged user to extract passwords of other users and access sensitive data of another user. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Source: Telegram CVE Monitor