{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T21:52:34.531","vulnerabilities":[{"cve":{"id":"CVE-2025-45525","sourceIdentifier":"cve@mitre.org","published":"2025-06-17T20:15:32.150","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"A NULL pointer dereference vulnerability has been identified in the JavaScript library microlight version 0.0.7, a lightweight syntax highlighting library. When processing elements with non-standard CSS color values, the library fails to validate the result of a regular expression match before accessing its properties, leading to an uncaught TypeError and potential application crash. NOTE: this is disputed by multiple parties because there is no common scenario in which an adversary can insert those non-standard values."},{"lang":"es","value":"Se descubrió una vulnerabilidad de desreferencia de puntero nulo en microlight.js (versión 0.0.7), una librería ligera de resaltado de sintaxis. Al procesar elementos con valores de color CSS no estándar, la librería no valida el resultado de una coincidencia de expresión regular antes de acceder a sus propiedades, lo que provoca un error de tipo no detectado y un posible bloqueo de la aplicación."}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":2.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.4,"impactScore":1.4}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"references":[{"url":"https://gist.github.com/Rootingg/843368931f70886bed3cf982f10a4424","source":"cve@mitre.org"},{"url":"https://github.com/github/advisory-database/pull/5730","source":"cve@mitre.org"}]}}]}