{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T20:47:23.686","vulnerabilities":[{"cve":{"id":"CVE-2025-53941","sourceIdentifier":"security-advisories@github.com","published":"2025-07-17T14:15:32.737","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Hollo is a federated single-user microblogging software designed to be federated through ActivityPub. Versions prior to 0.6.5 allow HTML form elements to be submitted, making the software vulnerable to HTML injection. Version 0.6.5 fixes the issue."},{"lang":"es","value":"Hollo es un software de microblogging federado para un solo usuario, diseñado para federarse a través de ActivityPub. Las versiones anteriores a la 0.6.5 permiten el envío de elementos de formulario HTML, lo que hace que el software sea vulnerable a la inyección de HTML. La versión 0.6.5 soluciona el problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://github.com/fedify-dev/hollo/commit/f9d25e10ba5406c27f9e87dfb01f75b6a52f2410","source":"security-advisories@github.com"},{"url":"https://github.com/fedify-dev/hollo/releases/tag/0.6.5","source":"security-advisories@github.com"},{"url":"https://github.com/fedify-dev/hollo/security/advisories/GHSA-w7gc-g3x7-hq8h","source":"security-advisories@github.com"},{"url":"https://github.com/fedify-dev/hollo/security/advisories/GHSA-w7gc-g3x7-hq8h","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}}]}