CNNVD-202512-2747 Information

CNNVD ID

CNNVD-202512-2747

Related CVE

CVE-2025-66482

• CNNVD Published: 2025-12-16

Description (Chinese)

Misskey是Misskey开源的一个永久免费的开源联合社交媒体平台。 Misskey 2025.12.0-alpha.2之前版本存在安全漏洞，该漏洞源于trustProxy配置默认值不安全，可能导致绕过IP速率限制。

Description (English)

Misskey is a permanent, free and open-source social media platform for Misskey Open Source. There was a security loophole in the pre-Misskey 2025.12.0-alpha.2 version, which stemmed from the insecurity of the trustProxy configuration default, which could lead to circumventing the IP speed limit.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Misskey

Published

2025-12-16

Last Modified

2026-02-24

References

https://github.com/misskey-dev/misskey/commit/5512898463fa8487b9e6488912f35102b91f25f7 https://github.com/misskey-dev/misskey/security/advisories/GHSA-wwrj-3hvj-prpm https://access.redhat.com/security/cve/cve-2025-66482

Patch

https://misskey-hub.net/ja/