CVE-2025-23027

Published: Jan 13, 2025

Modified: Jan 13, 2025

PUBLISHED

Description

next-forge is a Next.js project boilerplate for modern web application. The BASEHUB_TOKEN commited in apps/web/.env.example. Users should avoid use of this token and should remove any access it may have in their systems.

Vendor	Product	Versions
haydenbleasel	next-forge	affected `< 3.0.11`

Weaknesses (CWE)

CWE-312

References

https://github.com/haydenbleasel/next-forge/security/advisories/GHSA-wppx-qmqh-9h33

x_refsource_CONFIRM

https://github.com/haydenbleasel/next-forge/commit/239a98f2c308a51d626ae0613102917f82603c1c

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-23027

Description

Affected Products

Weaknesses (CWE)

References