Prasklatechnology Placipy — known CVE vulnerabilities
Every CVE whose affected-product data names Prasklatechnology Placipy, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2026-25809 — CVSS 9.8 (critical): PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the code evaluation endpoint does not…
CVE-2026-25875 — CVSS 9.8 (critical): PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The admin authorization middleware trusts…
CVE-2026-25814 — CVSS 9.8 (critical): PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, User-controlled query parameters are…
CVE-2026-25753 — CVSS 9.8 (critical): PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application uses a hard-coded, static…
CVE-2026-25876 — CVSS 9.1 (critical): PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the backend/src/routes/results.routes.ts…
CVE-2026-25810 — CVSS 9.1 (critical): PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the backend/src/routes/student.submission…
CVE-2026-25811 — CVSS 9.1 (critical): PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application derives the tenant…
CVE-2026-25812 — CVSS 8.8 (high): PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application enables credentialed CORS…
CVE-2026-25813 — CVSS 7.5 (high): PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The application logs highly sensitive…
CVE-2026-25806 — CVSS 6.5 (medium): PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the GET /api/students/:email PUT…