CVE-2026-10295

SourceCodester Customer Review App review_app.py get_all_reviews denial of service

CVSS 4.8 MEDIUMEPSS 0.1%CWE-404

A vulnerability was found in SourceCodester Customer Review App 1.0. Affected by this vulnerability is the function add_review/save_review/get_all_reviews of the file review_app.py. Performing a manipulation of the argument name/comment results in denial of service. The attack requires a local approach. The exploit has been made public and could be used.

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P

Affected products

SourceCodester · Customer Review App

public PoCs found — 1

cve_referencepastebin.com/Ud5vaGp6unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://pastebin.com/Ud5vaGp6 https://vuldb.com/cve/CVE-2026-10295 https://vuldb.com/submit/826530 https://vuldb.com/vuln/367588 https://vuldb.com/vuln/367588/cti https://www.sourcecodester.com/