mirror of
https://github.com/0x5t4l1n/CVE.git
synced 2026-05-26 19:26:32 +00:00
copilot-swe-agent[bot]
8c3b271b98
Agent-Logs-Url: https://github.com/0x5t4l1n/CVE/sessions/fa832b9e-3288-4289-b847-672ac80fb634 Co-authored-by: 0x5t4l1n <161853795+0x5t4l1n@users.noreply.github.com>
598 B
598 B
CVE-2026-32138 — API Key Exposure (Nexulean Website)
Severity: High
CWE: CWE-284, CWE-798
Summary
Exposed Firebase and Web3Forms API keys allowed unauthorized access to backend services.
Impact
- Unauthorized database access
- Exposure of user data
- Abuse of third-party services
Affected
v1.0.0
Fixed
v2.0.0
References
- https://github.com/advisories/GHSA-r7cr-5wcx-x9wm
- https://github.com/0x5t4l1n/website/releases/tag/v2.0.0
Credits
Reporter: rootcrypt
Coordinator: 0x5t4l1n