CVE-2025-23027

Name of the Vulnerable Software and Affected Versions next-forge (affected versions not specified)

Description The issue concerns a Next.js project boilerplate for modern web applications. A BASEHUB TOKEN is committed in the apps/web/.env.example file. Users are advised to avoid using this token and remove any access it may have in their systems.

Recommendations To resolve the issue, users should remove the BASEHUB TOKEN from their systems and avoid using it. As a mitigation measure, consider restricting access to the apps/web/.env.example file to minimize the risk of exploitation. Avoid using the BASEHUB TOKEN in your applications until the issue is resolved.