Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2025-6669

Good to know:

icon

Date: June 25, 2025

A vulnerability was found in gooaclok819 sublinkX up to 1.8. It has been declared as problematic. This vulnerability affects unknown code of the file middlewares/jwt.go. The manipulation with the input sublink leads to use of hard-coded cryptographic key . The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.9 is able to address this issue. The patch is identified as 778d26aef723daa58df98c8060c43f5bf5d1b10b. It is recommended to upgrade the affected component.

Severity Score

Related Resources (11)

https://github.com/gooaclok819/sublinkX/commit/778d26aef723daa58df98c8060c43f5bf5d1b10b
https://vuldb.com/?id.313882
https://vuldb.com/?submit.602368
https://vuldb.com/?submit.602369
https://vuldb.com/?ctiid.313882
https://github.com/gooaclok819/sublinkX/issues/68#issuecomment-2957290524
https://github.com/gooaclok819/sublinkX/releases/tag/1.9
https://nvd.nist.gov/vuln/detail/CVE-2025-6669
https://github.com/gooaclok819/sublinkX/issues/68
https://github.com/gooaclok819/sublinkX/issues/69
https://www.mend.io/vulnerability-database/CVE-2025-6669

Severity Score

Weakness Type (CWE)

Key Management Errors

CWE-320

Use of Hard-coded Cryptographic Key

CWE-321

Top Fix

icon

Upgrade Version

Upgrade to version https://github.com/gooaclok819/sublinkX.git - 1.9

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): NONE
Availability (A): NONE

Do you need more information?

Contact Us