How severe is CVE-2025-15024?

High severity. CVSS v3 base score is 8.8 out of 10.

RCE in Yordam Information Technology Consulting, Training And Electronic Systems Industry Trade Inc. Library Automation System

CVE-2025-15024

Improper Control of Generation of Code ('Code Injection') vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Remote Code Inclusion. This issu…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.000 (14.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Yordam Information Technology Consulting, Training And Electronic Systems Industry Trade Inc. Library Automation System — versions v.19.5

Weakness classification (CWE)

CWE-94 — Code Injection

References

iletisim@usom.gov.tr (government-resource)

Frequently asked questions

What is CVE-2025-15024?: CVE-2025-15024 is a high-severity vulnerability in Yordam Information Technology Consulting, Training And Electronic Systems Industry Trade Inc. Library Automation System, classified under Code Injection. CVSS score: 8.8/10. Published 2026-05-14.
How severe is CVE-2025-15024?: High severity. CVSS v3 base score is 8.8 out of 10.