CVE-2025-14651 MartialBE one-hub docker-compose.yml hard-coded key

🗓️ 14 Dec 2025 08:32:06Reported by VulDBType

CVE 2025 14651 affects MartialBE one hub; docker-compose.yml exposes a hard coded key via session secret allowing remote exploit.

Reporter	Title	Published	Views	Family All 8
CNNVD	One Hub 安全漏洞	14 Dec 202500:00	–	cnnvd
CVE	CVE-2025-14651	14 Dec 202508:32	–	cve
EUVD	EUVD-2025-203290	14 Dec 202509:30	–	euvd
NVD	CVE-2025-14651	14 Dec 202509:15	–	nvd
OSV	CVE-2025-14651	14 Dec 202509:15	–	osv
Positive Technologies	PT-2025-51155	14 Dec 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-14651	15 Dec 202521:29	–	redhatcve
Vulnrichment	CVE-2025-14651 MartialBE one-hub docker-compose.yml hard-coded key	14 Dec 202508:32	–	vulnrichment

[
  {
    "vendor": "MartialBE",
    "product": "one-hub",
    "versions": [
      {
        "version": "0.14.0",
        "status": "affected"
      },
      {
        "version": "0.14.1",
        "status": "affected"
      },
      {
        "version": "0.14.2",
        "status": "affected"
      },
      {
        "version": "0.14.3",
        "status": "affected"
      },
      {
        "version": "0.14.4",
        "status": "affected"
      },
      {
        "version": "0.14.5",
        "status": "affected"
      },
      {
        "version": "0.14.6",
        "status": "affected"
      },
      {
        "version": "0.14.7",
        "status": "affected"
      },
      {
        "version": "0.14.8",
        "status": "affected"
      },
      {
        "version": "0.14.9",
        "status": "affected"
      },
      {
        "version": "0.14.10",
        "status": "affected"
      },
      {
        "version": "0.14.11",
        "status": "affected"
      },
      {
        "version": "0.14.12",
        "status": "affected"
      },
      {
        "version": "0.14.13",
        "status": "affected"
      },
      {
        "version": "0.14.14",
        "status": "affected"
      },
      {
        "version": "0.14.15",
        "status": "affected"
      },
      {
        "version": "0.14.16",
        "status": "affected"
      },
      {
        "version": "0.14.17",
        "status": "affected"
      },
      {
        "version": "0.14.18",
        "status": "affected"
      },
      {
        "version": "0.14.19",
        "status": "affected"
      },
      {
        "version": "0.14.20",
        "status": "affected"
      },
      {
        "version": "0.14.21",
        "status": "affected"
      },
      {
        "version": "0.14.22",
        "status": "affected"
      },
      {
        "version": "0.14.23",
        "status": "affected"
      },
      {
        "version": "0.14.24",
        "status": "affected"
      },
      {
        "version": "0.14.25",
        "status": "affected"
      },
      {
        "version": "0.14.26",
        "status": "affected"
      },
      {
        "version": "0.14.27",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/MartialBE/one-hub/issues/872
github	www.github.com/MartialBE/one-hub/issues/872
github	www.github.com/MartialBE/one-hub/blob/main/docker-compose.yml
vuldb	www.vuldb.com/

14 Dec 2025 08:32Current

CVSS 22.6

CVSS 3.13.7

CVSS 33.7

CVSS 46.3

EPSS0.00298