Medium severity4.3GHSA Advisory· Published Dec 1, 2025· Updated Apr 29, 2026
CVE-2025-13804
CVE-2025-13804
Description
A security flaw has been discovered in nutzam NutzBoot up to 2.6.0-SNAPSHOT. The impacted element is an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Ethereum Wallet Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.nutz:nutzboot-parentMaven | <= 2.6.0-SNAPSHOT | — |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- github.com/advisories/GHSA-qp56-qj59-hjf8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-13804ghsaADVISORY
- github.com/Xzzz111/exps/blob/main/archives/nutzboot-InfoLeak-1/report.mdnvdWEB
- github.com/Xzzz111/exps/blob/main/archives/nutzboot-InfoLeak-1/report.mdnvdWEB
- vuldb.comnvdWEB
- vuldb.comnvdWEB
- vuldb.comnvdWEB
News mentions
0No linked articles in our index yet.