Vulnerability Description
next-forge is a Next.js project boilerplate for modern web application. The BASEHUB_TOKEN commited in apps/web/.env.example. Users should avoid use of this token and should remove any access it may have in their systems.
Related Weaknesses (CWE)
References
- https://github.com/haydenbleasel/next-forge/commit/239a98f2c308a51d626ae06131029
- https://github.com/haydenbleasel/next-forge/security/advisories/GHSA-wppx-qmqh-9
FAQ
What is CVE-2025-23027?
CVE-2025-23027 is a documented vulnerability. next-forge is a Next.js project boilerplate for modern web application. The BASEHUB_TOKEN commited in apps/web/.env.example. Users should avoid use of this token and should remove any access it may ha...
How severe is CVE-2025-23027?
CVSS scoring is not yet available for CVE-2025-23027. Check NVD for updates.
Is there a patch for CVE-2025-23027?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.