Lucene search
K

6 matches found

GithubExploit
GithubExploit
added 2025/10/22 9:48 a.m.180 views

Exploit for Cross-Site Request Forgery (CSRF) in Nestjs Devtools-Integration

CVE-2025-54...

9.4CVSS7AI score0.43921EPSS
Exploits4
vulnersOsv
vulnersOsv
added 2025/08/02 12:45 a.m.9 views

@ballerine/workflows-service (>=0.4.6 <=0.5.49), @digitaltg/vc-signer (=1.0.0) +9 more potentially affected by CVE-2025-54782 via @nestjs/devtools-integration (=0.1.6)

@nestjs/devtools-integration NPM version =0.1.6 is affected by a known vulnerability. The following packages have a transitive dependency on @nestjs/devtools-integration and may be impacted: - @ballerine/workflows-service =0.4.6, =0.0.37, =0.0.4, =0.0.1, =0.0.6, =0.0.82, =0.0.32, =1.0.0, =1.0.9 -...

9.4CVSS6AI score0.43921EPSS
Exploits4
NVD
NVD
added 2025/08/02 12:15 a.m.27 views

CVE-2025-54782

Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution RCE vulnerability was discovered in the @nestjs/devtools-integration package. When enabled, the package exposes a local development HTTP server with an API...

9.4CVSS0.43921EPSS
Exploits4References5
Cvelist
Cvelist
added 2025/08/01 11:36 p.m.25 views

CVE-2025-54782 @nestjs/devtools-integration's CSRF to Sandbox Escape Allows for RCE against JS Developers

Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution RCE vulnerability was discovered in the @nestjs/devtools-integration package. When enabled, the package exposes a local development HTTP server with an API...

9.4CVSS0.43921EPSS
Exploits4References5
CVE
CVE
added 2025/08/01 11:36 p.m.100 views

CVE-2025-54782

CVE-2025-54782 affects the NestJS devtools-integration package (versions 0.2.0 and earlier). The vulnerability enables Remote Code Execution via a local development HTTP server endpoint, /inspector/graph/interact, which accepts JSON containing a code field and executes it in a Node.js vm.runInNew...

9.4CVSS8.3AI score0.43921EPSS
In wildExploits4References5Affected Software1
GithubExploit
GithubExploit
added 2025/07/25 7:50 p.m.142 views

Exploit for CVE-2025-54782

CVE-2025-54782 RCE POC Read more: - https:...

9.4CVSS6.5AI score0.43921EPSS
Exploits4
Rows per page
Query Builder