Stalin 143 · Website · CVE-2026-32138
**Name of the Vulnerable Software and Affected Versions**
NEXULEAN versions prior to 2.0.0
**Description**
Prior to version 2.0.0, the software exposed Firebase and Web3Forms API keys. An attacker could leverage these exposed keys to interact with backend services without proper authentication. This unauthorized access could potentially compromise application resources and user data.
**Recommendations**
Update to version 2.0.0 or later.