{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T02:09:47.372","vulnerabilities":[{"cve":{"id":"CVE-2026-32138","sourceIdentifier":"security-advisories@github.com","published":"2026-03-12T19:16:16.427","lastModified":"2026-06-17T10:35:12.260","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"NEXULEAN is a cybersecurity portfolio & service platform for an Ethical Hacker, AI Enthusiast, and Penetration Tester. Prior to 2.0.0, a security vulnerability was identified where Firebase and Web3Forms API keys were exposed. An attacker could use these keys to interact with backend services without authentication, potentially leading to unauthorized access to application resources and user data. This vulnerability is fixed in 2.0.0."},{"lang":"es","value":"NEXULEAN es una plataforma de cartera y servicios de ciberseguridad para un Hacker Ético, Entusiasta de la IA y Probador de Penetración. Antes de la versión 2.0.0, se identificó una vulnerabilidad de seguridad donde las claves API de Firebase y Web3Forms estaban expuestas. Un atacante podría usar estas claves para interactuar con los servicios de backend sin autenticación, lo que podría llevar a un acceso no autorizado a los recursos de la aplicación y a los datos del usuario. Esta vulnerabilidad está corregida en la versión 2.0.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"Stalin-143","product":"website","versions":[{"version":"< 2.0.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-12T20:38:48.823995Z","id":"CVE-2026-32138","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-798"}]}],"references":[{"url":"https://github.com/Stalin-143/website/releases/tag/v2.0.0","source":"security-advisories@github.com"},{"url":"https://github.com/Stalin-143/website/security/advisories/GHSA-r7cr-5wcx-x9wm","source":"security-advisories@github.com"}]}}]}