CVE-2025-46340 | misskey-dev misskey 2025.2.0-alpha.0 UrlPreviewService/MkUrlPreview information exposure (GHSA-3p2w-xmv5-jm95)

Inserito da Angelo Barbosa | Mag 5, 2025 | CVE

A vulnerability was found in misskey-dev misskey 2025.2.0-alpha.0. It has been rated as critical. Affected by this issue is the function UrlPreviewService/MkUrlPreview. The manipulation leads to information exposure through error message.

This vulnerability is handled as CVE-2025-46340. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-46340 | misskey-dev misskey 2025.2.0-alpha.0 UrlPreviewService/MkUrlPreview information exposure (GHSA-3p2w-xmv5-jm95)

Post correlati

CVE-2023-46247 | vyper up to 0.3.7 Storage Layout unknown vulnerability

shouzu sweets oz Messages information disclosure

CVE-2024-40642 | netty-incubator-codec-ohttp up to 0.0.12 HTTP Protocol readRequestHead server-side request forgery (GHSA-q8f2-hxq5-cp4h)

CVE-2023-51963 | Tenda AX1803 1.0.0.1 setIptvInfo vlan stack-based overflow