CVE-2025-7579

MEDIUM

chinese-poetry 0.1 - Info Disclosure

Title source: llm

Description

A vulnerability was found in chinese-poetry 0.1. It has been rated as problematic. This issue affects some unknown processing of the file rank/server.js. The manipulation leads to inefficient regular expression complexity. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

References (5)

[Permissions Required, VDB Entry] https://vuldb.com/?id.316277

[Permissions Required, VDB Entry] https://vuldb.com/?ctiid.316277

[Permissions Required, VDB Entry] https://vuldb.com/?submit.609704

[Issue Tracking] https://github.com/chinese-poetry/chinese-poetry/issues/396

[Issue Tracking] https://github.com/chinese-poetry/chinese-poetry/issues/396#issue-3204562392

Scores

CVSS v3 4.3

EPSS 0.0009

EPSS Percentile 25.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-1333 CWE-400

Status published

Products (1)

n/a/chinese-poetry 0.1

Published Jul 14, 2025

Tracked Since Feb 18, 2026