CVE-2025-27581 Information

Description

NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 allows users who lack the InET role to access the InET module via direct requests to known endpoints.

Reference

https://brics.cit.nih.gov https://github.com/brics-dev/brics https://github.com/RoseHacks/Vulnerability.Research/blob/main/CVE-2025-27581/README.md