{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T11:28:52.950","vulnerabilities":[{"cve":{"id":"CVE-2025-29993","sourceIdentifier":"vultures@jpcert.or.jp","published":"2025-03-27T10:15:14.063","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The affected versions of PowerCMS allow HTTP header injection. This vulnerability can be leveraged to direct the affected product to send email with a tampered URL, such as password reset mail."},{"lang":"es","value":"Las versiones afectadas de PowerCMS permiten la inyección de encabezados HTTP. Esta vulnerabilidad puede aprovecharse para que el producto afectado envíe correos electrónicos con una URL alterada, como un correo de restablecimiento de contraseña."}],"metrics":{"cvssMetricV30":[{"source":"vultures@jpcert.or.jp","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"vultures@jpcert.or.jp","type":"Secondary","description":[{"lang":"en","value":"CWE-74"}]}],"references":[{"url":"https://jvn.jp/en/jp/JVN39026557/","source":"vultures@jpcert.or.jp"},{"url":"https://www.powercms.jp/news/release-powercms-661-528-459.html","source":"vultures@jpcert.or.jp"}]}}]}