Rbi Restaurant Brands International Assistant — known CVE vulnerabilities
Every CVE whose affected-product data names Rbi Restaurant Brands International Assistant, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2025-62645 — CVSS 9.9 (critical): The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows a remote authenticated attacker to obtain a token…
CVE-2025-62650 — CVSS 8.3 (high): The Restaurant Brands International (RBI) assistant platform through 2025-09-06 relies on client-side authentication for use of the…
CVE-2025-62651 — CVSS 6.5 (medium): The Restaurant Brands International (RBI) assistant platform through 2025-09-06 does not implement access control for the bathroom rating…
CVE-2025-62648 — CVSS 6.4 (medium): The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows remote attackers to adjust Drive Thru speaker audio…
CVE-2025-62642 — CVSS 5.8 (medium): The Restaurant Brands International (RBI) assistant platform through 2025-09-06 has an "Anyone Can Join This Party" signup API that does…
CVE-2025-62649 — CVSS 5.8 (medium): The Restaurant Brands International (RBI) assistant platform through 2025-09-06 relies on client-side authentication for submission of…
CVE-2025-62646 — CVSS 5.0 (medium): The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows remote attackers to review the stored audio of…
CVE-2025-62644 — CVSS 5.0 (medium): The Restaurant Brands International (RBI) assistant platform through 2025-09-06 has a Global Store Directory that shares personal…
CVE-2025-62647 — CVSS 5.0 (medium): The Restaurant Brands International (RBI) assistant platform through 2025-09-06 provides the functionality of returning a JWT that can be…
CVE-2025-62643 — CVSS 3.4 (low): The Restaurant Brands International (RBI) assistant platform through 2025-09-06 transmits passwords of user accounts in cleartext e-mail…