CVE-2025-14317 — In Crazy Bubble Tea mobile application authenticated attacker can obtain personal information about other users by enumerating a `loyaltyGuestId` parameter. Server does not verify the permissions requ — CVE Database · The Intelligence Room