Vulnerability Database

317,828

Total vulnerabilities in the database

CVE-2025-67859

A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1.

Published: Jan 14, 2026
Updated: Jan 15, 2026
CVE: CVE-2025-67859
Exploit:

No technical information available.

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

No affected software listed.

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-67859
https://security.opensuse.org/2026/01/07/tlp-polkit-authentication-bypass.html

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo