CVE-2025-55306

CRITICAL

GenX_FX - Info Disclosure

Title source: llm

Description

GenX_FX is an advance IA trading platform that will focus on forex trading. A vulnerability was identified in the GenX FX backend where API keys and authentication tokens may be exposed if environment variables are misconfigured. Unauthorized users could gain access to cloud resources (Google Cloud, Firebase, GitHub, etc.).

References (1)

[Vendor Advisory] https://github.com/Mouy-leng/GenX_FX/security/advisories/GHSA-2xjq-pvwj-mvm6

Scores

CVSS v3 9.8

EPSS 0.0007

EPSS Percentile 20.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-522

Status published

Products (1)

Mouy-leng/GenX_FX <= 1.0.0

Published Aug 19, 2025

Tracked Since Feb 18, 2026