Alex Holliday

3 exploits Active since May 2025
CVE-2025-47245 WRITEUP HIGH WRITEUP
BlueWave Checkmate <2.0.2 - Privilege Escalation
In BlueWave Checkmate through 2.0.2 before d4a6072, an invite request can be modified to specify a privileged role.
CVSS 8.1
CVE-2025-47817 WRITEUP HIGH WRITEUP
BlueWave Checkmate <2.0.2 - Privilege Escalation
In BlueWave Checkmate through 2.0.2 before b387eba, a profile edit request can include a role parameter.
CVSS 8.8
CVE-2025-48024 WRITEUP MEDIUM WRITEUP
BlueWave Checkmate <2.1 - Info Disclosure
In BlueWave Checkmate before 2.1, an authenticated regular user can access sensitive application secrets via the /api/v1/settings endpoint.
CVSS 5.0