{"uuid": "ac700891-d7ae-444f-a8ec-f0568cd4bc48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-WPPX-QMQH-9H33", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1375", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23027\n\ud83d\udd39 Description: next-forge is a Next.js project boilerplate for modern web application. The BASEHUB_TOKEN commited in apps/web/.env.example. Users should avoid use of this token and should remove any access it may have in their systems.\n\ud83d\udccf Published: 2025-01-13T19:41:43.514Z\n\ud83d\udccf Modified: 2025-01-13T19:41:43.514Z\n\ud83d\udd17 References:\n1. https://github.com/haydenbleasel/next-forge/security/advisories/GHSA-wppx-qmqh-9h33\n2. https://github.com/haydenbleasel/next-forge/commit/239a98f2c308a51d626ae0613102917f82603c1c", "creation_timestamp": "2025-01-13T20:07:27.000000Z"}