CVE-2026-32138HIGH 8.2EPSS p16.8%

CVE-2026-32138CVE-2026-32138

Description

NEXULEAN is a cybersecurity portfolio & service platform for an Ethical Hacker, AI Enthusiast, and Penetration Tester. Prior to 2.0.0, a security vulnerability was identified where Firebase and Web3Forms API keys were exposed. An attacker could use these keys to interact with backend services without authentication, potentially leading to unauthorized access to application resources and user data. This vulnerability is fixed in 2.0.0.

Scoring

CVSS 3.18.2 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
EPSS0.26% probability of exploitation · percentile 16.8% · 2026-06-18T12:00:27Z
Published2026-03-12
Last modified2026-04-16

Underlying weaknesses· 2

CWE-284CWE-798

References

  1. https://github.com/Stalin-143/website/releases/tag/v2.0.0
  2. https://github.com/Stalin-143/website/security/advisories/GHSA-r7cr-5wcx-x9wm

2

TypeTargetConfidenceTier
WeaknessImproper Access Controlcwe-2840%live
WeaknessUse of Hard-coded Credentialscwe-7980%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-10617
CVE
CVE-2026-10218
CVE
CVE-2025-55306
CVE
CVE-2026-31216
CVE
CVE-2026-31215
CVE
CVE-2026-21877
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.