Description
NEXULEAN is a cybersecurity portfolio & service platform for an Ethical Hacker, AI Enthusiast, and Penetration Tester. Prior to 2.0.0, a security vulnerability was identified where Firebase and Web3Forms API keys were exposed. An attacker could use these keys to interact with backend services without authentication, potentially leading to unauthorized access to application resources and user data. This vulnerability is fixed in 2.0.0.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://github.com/Stalin-143/website/security/advisories/GHSA-r7cr-5wcx-x9wm
Release Notes x_refsource_misc
https://github.com/Stalin-143/website/releases/tag/v2.0.0
Scores
CVSS v3
8.2
EPSS
0.0026
EPSS Percentile
16.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-284
CWE-798
Status
published
Published
Mar 12, 2026
Tracked Since
Mar 13, 2026