CVE-2025-54120

N/A Unknown
Published: July 23, 2025 Modified: April 15, 2026
View on NVD

Description

PCL (Plain Craft Launcher) Community Edition is a Minecraft launcher. In PCL CE versions 2.12.0-beta.5 to 2.12.0-beta.9, the login credentials used during the third-party login process are accidentally recorded in the local log file. Although the log file is not automatically uploaded or shared, if the user manually sends the log file, there is a risk of leakage. This is fixed in version 2.12.0-beta.10.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/PCL-Community/PCL2-CE/commit/b72eaaef05c131958b0f03bd5e7c2464bbc2af4f
Source: security-advisories@github.com
https://github.com/PCL-Community/PCL2-CE/security/advisories/GHSA-f3rx-h3cv-696g
Source: security-advisories@github.com

2 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.0%
9th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-532

Related CVEs

CVE-2026-7581 4.3
CVE-2026-7580 5.3
CVE-2026-7579 7.3
CVE-2026-3772 8.8
CVE-2026-3140 4.3