CVE-2025-12995

Medtronic CareLink Network allows an unauthenticated remote attacker to perform a brute force attack on an API endpoint that could be used to determine a valid password under certain circumstances. This issue affects CareLink Network: before December 4, 2025.

More information : https://www.medtronic.com/en-us/e/product-security/security-bulletins/carelink-network-vulnerabilities.html