CVE-2025-58130

Published: Dec 12, 2025

Modified: Dec 12, 2025

PUBLISHED

Description

Insufficiently Protected Credentials vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.11.0. The issue is fixed in version 1.12.1. Users are encouraged to upgrade to version 1.13.0, the latest release.

Vendor	Product	Versions
Apache Software Foundation	Apache Fineract	affected `0 - <= 1.11.0` unaffected `1.12.1`

Weaknesses (CWE)

CWE-522

References

https://lists.apache.org/thread/d9zpkc86zk265523tfvbr8w7gyr6onoy

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-58130

Description

Affected Products

Weaknesses (CWE)

References