CVE-2025-11864 NucleoidAI Nucleoid Outbound Request cluster.ts extension.apply server-side request forgery

🗓️ 16 Oct 2025 21:02:05Reported by VulDBType

CVE-2025-11864: NucleoidAI 0.7.10 SSRF via extension.apply in outbound request handler.

Reporter	Title	Published	Views	Family All 6
CNNVD	Nucleoid 代码问题漏洞	16 Oct 202500:00	–	cnnvd
CVE	CVE-2025-11864	16 Oct 202521:02	–	cve
EUVD	EUVD-2025-34835	16 Oct 202521:02	–	euvd
NVD	CVE-2025-11864	16 Oct 202521:15	–	nvd
RedhatCVE	CVE-2025-11864	17 Oct 202521:45	–	redhatcve
Vulnrichment	CVE-2025-11864 NucleoidAI Nucleoid Outbound Request cluster.ts extension.apply server-side request forgery	16 Oct 202521:02	–	vulnrichment

[
  {
    "vendor": "NucleoidAI",
    "product": "Nucleoid",
    "versions": [
      {
        "version": "0.7.0",
        "status": "affected"
      },
      {
        "version": "0.7.1",
        "status": "affected"
      },
      {
        "version": "0.7.2",
        "status": "affected"
      },
      {
        "version": "0.7.3",
        "status": "affected"
      },
      {
        "version": "0.7.4",
        "status": "affected"
      },
      {
        "version": "0.7.5",
        "status": "affected"
      },
      {
        "version": "0.7.6",
        "status": "affected"
      },
      {
        "version": "0.7.7",
        "status": "affected"
      },
      {
        "version": "0.7.8",
        "status": "affected"
      },
      {
        "version": "0.7.9",
        "status": "affected"
      },
      {
        "version": "0.7.10",
        "status": "affected"
      }
    ],
    "modules": [
      "Outbound Request Handler"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
github	www.github.com/lakshayyverma/CVE-Discovery/blob/main/Nucleoid.md
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

16 Oct 2025 21:02Current

CVSS 46.9

CVSS 3.17.3

CVSS 37.3

CVSS 27.5

EPSS0.00412

CWE-918