What is CVE-2025-15115?

CVE-2025-15115 is a medium-severity vulnerability in Petlibrio Smart Pet Feeder Platform, classified under Missing Authorization. CVSS score: 6.5/10. Published 2026-01-03.

How severe is CVE-2025-15115?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Auth bypass in Petlibrio Smart Pet Feeder Platform

CVE-2025-15115

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authentication bypass vulnerability that allows unauthenticated attackers to access any user account by exploiting OAuth token validation flaws in the social login system…

Vulnerability class: Broken Access Control

EPSS: 0.001 (33.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N.

Affected products

Petlibrio Smart Pet Feeder Platform — versions Unknown

Weakness classification (CWE)

CWE-862 — Missing Authorization

References

Security Research: Petlibro: Your Pet Feeder Is Feeding Data To Anyone Who Asks (third-party-advisory, technical-description)
VulnCheck Advisory: Petlibro Smart Pet Feeder Platform through 1.7.31 Authentication Bypass via API endpoint (third-party-advisory)

Frequently asked questions

What is CVE-2025-15115?: CVE-2025-15115 is a medium-severity vulnerability in Petlibrio Smart Pet Feeder Platform, classified under Missing Authorization. CVSS score: 6.5/10. Published 2026-01-03.
How severe is CVE-2025-15115?: Medium severity. CVSS v3 base score is 6.5 out of 10.