CVE-2025-6715902.01.2026, 17:16Vatilon v1.12.37-20240124 was discovered to transmit user credentials in plaintext.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST7.5 HIGHNETWORKLOWNONECVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NmitreCNA------CISA-ADPADP7.5 HIGHNETWORKLOWNONECVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NBase ScoreCVSS 3.xEPSS ScorePercentile: 4%Common Weakness EnumerationCWE-319 - Cleartext Transmission of Sensitive InformationThe software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.Referenceshttp://vatilon.comhttps://github.com/Remenis/CVE-2025-67159