5 matches found
CVE-2025-23027
next-forge is a Next.js project boilerplate for modern web application. The BASEHUBTOKEN commited in apps/web/.env.example. Users should avoid use of this token and should remove any access it may have in their systems...
CVE-2025-23027
creationtimestamp| type| source ---|---|--- 2025-01-13 19:47:53+00:00| seen| https://infosec.exchange/users/cve/statuses/113822772296271638 2025-01-13 20:07:27+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1375 2025-01-13 22:05:38+00:00| seen|...
CVE-2025-23027 BASEHUB_TOKEN commited in next-forge
next-forge is a Next.js project boilerplate for modern web application. The BASEHUBTOKEN commited in apps/web/.env.example. Users should avoid use of this token and should remove any access it may have in their systems...
CVE-2025-23027 BASEHUB_TOKEN commited in next-forge
next-forge is a Next.js project boilerplate for modern web application. The BASEHUBTOKEN commited in apps/web/.env.example. Users should avoid use of this token and should remove any access it may have in their systems...
CVE-2025-23027
CVE-2025-23027 affects the next-forge Next.js boilerplate. The root cause is a BASEHUB_TOKEN committed in apps/web/.env.example, exposing credentials and potentially granting unauthorized access if the token is active. Public references (NVD/Red Hat/OSV and others) describe the issue in terms of ...