CNNVD-202510-2287 Information

CNNVD ID

CNNVD-202510-2287

Related CVE

CVE-2025-11864

• CNNVD Published: 2025-10-16

Description (Chinese)

Nucleoid是Nucleoid开源的一个具有知识图谱的神经符号人工智能。 Nucleoid 0.7.10及之前版本存在代码问题漏洞，该漏洞源于对文件/src/cluster.ts中组件Outbound Request Handler的函数extension.apply的参数https/ip/port/path/headers的错误操作，可能导致服务端请求伪造。

Description (English)

Nucleoid is a neurological symbol artificial intelligence of Nucleoid open source with a knowledge map. Nucleoid 0.7.10 and previous versions had a code problem loophole, which stemmed from a misperformation of the parameters https/ip/port/path/headers for the function of the Outborn Review Handler component in documents/src/cluster.ts, available at https/ip/port/path/headers.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Nucleoid

Published

2025-10-16

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.328809 https://vuldb.com/?id.328809 https://vuldb.com/?submit.669928 https://github.com/lakshayyverma/CVE-Discovery/blob/main/Nucleoid.md https://access.redhat.com/security/cve/cve-2025-11864