Information disclosure in Solax Power Cloud

CVE-2025-36759

Through the provision of user names, SolaX Cloud will suggest (similar) user accounts and thereby leak sensitive information such as user email addresses and phone numbers.

Vulnerability class: Information Disclosure

EPSS: 0.003 (22.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References