Auth bypass in Rommapp Romm
CVE-2025-65096
RomM (ROM Manager) allows users to scan, enrich, browse and play their game collections with a clean and responsive interface. Prior to 4.4.1 and 4.4.1-beta.2, users can read private collections / smart collections belonging to other users…
EPSS: 0.000 (11.0th percentile) — read the EPSS interpretation.
Affected products
- Rommapp Romm — versions < 4.4.1-beta.2
Weakness classification (CWE)
References
- https://github.com/rommapp/romm/security/advisories/GHSA-5ghc-8wr3-788c (x_refsource_CONFIRM)