Nuclei CVE-2025-41648: require()模块加载器绕过导致本地文件读取

github.com 2026-05-08View in English →日本語 →

Security AdvisoryCVE-2025-41648HighProjectDiscovery

Affected:

Nuclei >= 3.0.0, < 3.8.0

Fixed in:

3.8.0

Referenced CVEs: CVE-2026-41646 · 5.5

本文由本平台从 github.com 自动抓取，经 LLM 流水线清洗、双语翻译。版权归原作者。查看原文。

同源更多文章

Rayventory Scan Engine 12.6 路径注入致RCE (CVE-2025-69599) 2026-05-08 LibreNMS CVE-2024-51502 认证后OS命令注入漏洞分析 2026-05-08 MikroTik RouterOS SMB服务DoS漏洞(CVE-2024-27686)及POC 2026-05-08 SOPlanning 1.52.00 XSS与SQL注入漏洞(CVE-2024-33724/33722)及利用代码 2026-05-08 CVE-2025-42278: UltraDAG Smart Account Spending Policy Bypass via Pockets 2026-05-08