{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T15:51:59.438","vulnerabilities":[{"cve":{"id":"CVE-2023-49095","sourceIdentifier":"security-advisories@github.com","published":"2023-11-30T07:15:09.133","lastModified":"2024-11-21T08:32:48.770","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"nexkey is a microblogging platform. Insufficient validation of ActivityPub requests received in inbox could allow any user to impersonate another user in certain circumstances. This issue has been patched in version 12.122.2."},{"lang":"es","value":"nexkey es una plataforma de microblogging. Una validación insuficiente de las solicitudes de ActivityPub recibidas en la bandeja de entrada podría permitir que cualquier usuario se haga pasar por otro usuario en determinadas circunstancias. Este problema se solucionó en la versión 12.122.2."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nexryai:nexkey:*:*:*:*:*:node.js:*:*","versionEndExcluding":"12.122.2","matchCriteriaId":"0A765E23-8158-4CD7-ACF2-66ECF9A3FA1E"}]}]}],"references":[{"url":"https://github.com/nexryai/nexkey/commit/b96da0eac5a1e75abba94cf926f1251842829bab","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/nexryai/nexkey/security/advisories/GHSA-fpxw-rw9v-2gmx","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/nexryai/nexkey/commit/b96da0eac5a1e75abba94cf926f1251842829bab","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/nexryai/nexkey/security/advisories/GHSA-fpxw-rw9v-2gmx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}