CVE-2025-23027

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-23027

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-23027.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-23027

Aliases

GHSA-wppx-qmqh-9h33

Published

2025-01-13T19:41:43.514Z

Modified

2025-12-05T08:51:18.696852Z

Severity

6.3 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator

Summary

BASEHUB_TOKEN commited in next-forge

Details

next-forge is a Next.js project boilerplate for modern web application. The BASEHUB_TOKEN commited in apps/web/.env.example. Users should avoid use of this token and should remove any access it may have in their systems.

Database specific

{
    "cwe_ids": [
        "CWE-312"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/23xxx/CVE-2025-23027.json"
}

References

Affected packages

Git / github.com/haydenbleasel/next-forge

Affected ranges

Type

GIT

Repo

https://github.com/haydenbleasel/next-forge

Events

Introduced

Fixed

c8ab3359cec09b899202c5bd1d345328c1a44eda

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.0.11"
        }
    ]
}

Affected versions

v1.*

v1.0.0

v1.1.0

v1.1.1

v1.1.2

v1.2.0

v2.*

v2.0.0

v2.0.1

v2.0.2

v2.0.3

v2.0.4

v2.0.5

v2.0.6

v2.1.0

v2.10.0

v2.10.1

v2.10.10

v2.10.2

v2.10.3

v2.10.4

v2.10.5

v2.10.6

v2.10.7

v2.10.8

v2.10.9

v2.11.0

v2.11.2

v2.11.3

v2.11.4

v2.11.5

v2.11.6

v2.11.7

v2.12.0

v2.12.1

v2.12.10

v2.12.11

v2.12.12

v2.12.13

v2.12.14

v2.12.15

v2.12.16

v2.12.17

v2.12.18

v2.12.19

v2.12.2

v2.12.3

v2.12.4

v2.12.5

v2.12.6

v2.12.7

v2.12.8

v2.12.9

v2.13.0

v2.13.1

v2.13.10

v2.13.11

v2.13.12

v2.13.13

v2.13.14

v2.13.15

v2.13.16

v2.13.17

v2.13.18

v2.13.2

v2.13.20

v2.13.21

v2.13.3

v2.13.4

v2.13.5

v2.13.6

v2.13.7

v2.13.8

v2.13.9

v2.14.0

v2.14.1

v2.14.10

v2.14.11

v2.14.12

v2.14.13

v2.14.14

v2.14.15

v2.14.16

v2.14.17

v2.14.3

v2.14.4

v2.14.5

v2.14.6

v2.14.7

v2.14.8

v2.14.9

v2.15.0

v2.15.1

v2.15.10

v2.15.2

v2.15.3

v2.15.4

v2.15.5

v2.15.6

v2.15.7

v2.15.8

v2.15.9

v2.16.0

v2.16.1

v2.16.10

v2.16.11

v2.16.12

v2.16.13

v2.16.14

v2.16.15

v2.16.16

v2.16.17

v2.16.2

v2.16.3

v2.16.4

v2.16.5

v2.16.6

v2.16.7

v2.16.8

v2.16.9

v2.17.0

v2.17.1

v2.17.2

v2.17.3

v2.18.0

v2.18.1

v2.18.10

v2.18.11

v2.18.12

v2.18.13

v2.18.14

v2.18.15

v2.18.16

v2.18.17

v2.18.18

v2.18.19

v2.18.2

v2.18.20

v2.18.21

v2.18.22

v2.18.23

v2.18.24

v2.18.25

v2.18.26

v2.18.27

v2.18.28

v2.18.29

v2.18.3

v2.18.30

v2.18.31

v2.18.32

v2.18.33

v2.18.4

v2.18.5

v2.18.6

v2.18.7

v2.18.8

v2.18.9

v2.19.0

v2.19.1

v2.19.2

v2.19.3

v2.19.4

v2.2.0

v2.2.1

v2.2.2

v2.2.3

v2.2.4

v2.2.5

v2.2.6

v2.2.7

v2.20.0

v2.20.1

v2.20.10

v2.20.11

v2.20.12

v2.20.13

v2.20.14

v2.20.15

v2.20.16

v2.20.17

v2.20.18

v2.20.19

v2.20.2

v2.20.20

v2.20.21

v2.20.22

v2.20.23

v2.20.24

v2.20.25

v2.20.26

v2.20.27

v2.20.28

v2.20.29

v2.20.3

v2.20.30

v2.20.31

v2.20.4

v2.20.5

v2.20.6

v2.20.7

v2.20.8

v2.20.9

v2.21.0

v2.21.1

v2.21.10

v2.21.11

v2.21.2

v2.21.3

v2.21.4

v2.21.5

v2.21.6

v2.21.7

v2.21.8

v2.21.9

v2.3.0

v2.4.0

v2.4.1

v2.4.10

v2.4.11

v2.4.2

v2.4.3

v2.4.4

v2.4.5

v2.4.6

v2.4.7

v2.4.8

v2.4.9

v2.5.0

v2.5.1

v2.6.0

v2.6.1

v2.6.2

v2.6.3

v2.6.4

v2.6.5

v2.6.6

v2.7.0

v2.7.1

v2.7.2

v2.7.3

v2.7.4

v2.8.0

v2.9.0

v2.9.1

v2.9.2

v2.9.3

v2.9.4

v3.*

v3.0.0

v3.0.1

v3.0.10

v3.0.2

v3.0.3

v3.0.4

v3.0.6

v3.0.7

v3.0.8

v3.0.9

Git / github.com/vercel/next-forge