{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-14T22:32:58.297","vulnerabilities":[{"cve":{"id":"CVE-2025-22138","sourceIdentifier":"security-advisories@github.com","published":"2025-01-13T21:15:14.500","lastModified":"2025-01-13T21:15:14.500","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"@codidact\/qpixel is a Q&A-based community knowledge-sharing software. In affected versions when a category is set to private or limited-visibility within QPixel's admin tools, suggested edits within this category can still be viewed by unprivileged or anonymous users via the suggested edit queue. This issue has not yet been patched and no workarounds are available. Users are advised to follow the development repo for updates.\n\n### Patches\nNot yet patched.\n\n### Workarounds\nNone available. Private or limited-visibility categories should not be considered ways to store sensitive information.\n\n### References\nInternal: [SUPPORT-114](https:\/\/codidact.atlassian.net\/issues\/SUPPORT-114)"},{"lang":"es","value":"@codidact\/qpixel es un software de intercambio de conocimientos basado en preguntas y respuestas. En las versiones afectadas, cuando una categoría se configura como privada o con visibilidad limitada dentro de las herramientas de administración de QPixel, los usuarios sin privilegios o anónimos aún pueden ver las ediciones sugeridas dentro de esta categoría a través de la cola de ediciones sugeridas. Este problema aún no se ha solucionado y no hay Workarounds disponibles. Se recomienda a los usuarios que sigan el repositorio de desarrollo para obtener actualizaciones.  ### Parches Aún no se han solucionado.  ### WWorkaroundsNo hay ninguno disponible. Las categorías privadas o con visibilidad limitada no deben considerarse formas de almacenar información confidencial.  ### Referencias Interno: [SUPPORT-114](https:\/\/codidact.atlassian.net\/issues\/SUPPORT-114)"}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:N\/UI:A\/VC:L\/VI:N\/VA:N\/SC:N\/SI:N\/SA:N\/E:X\/CR:X\/IR:X\/AR:X\/MAV:X\/MAC:X\/MAT:X\/MPR:X\/MUI:X\/MVC:X\/MVI:X\/MVA:X\/MSC:X\/MSI:X\/MSA:X\/S:X\/AU:X\/R:X\/V:X\/RE:X\/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https:\/\/github.com\/codidact\/qpixel\/security\/advisories\/GHSA-pv74-hcg9-65r4","source":"security-advisories@github.com"}]}}]}