Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.2
NEXULEAN (2.0.0 and earlier) Exposes API Keys to Unauthorized Access
CVE-2026-32138
Summary
NEXULEAN's older versions expose API keys that can be used by attackers to access the application and user data without permission. This could lead to unauthorized changes or theft of sensitive information. Update to version 2.0.0 or later to fix this issue.
Original title
NEXULEAN is a cybersecurity portfolio & service platform for an Ethical Hacker, AI Enthusiast, and Penetration Tester. Prior to 2.0.0, a security vulnerability was identified where Firebase and Web...
Original description
NEXULEAN is a cybersecurity portfolio & service platform for an Ethical Hacker, AI Enthusiast, and Penetration Tester. Prior to 2.0.0, a security vulnerability was identified where Firebase and Web3Forms API keys were exposed. An attacker could use these keys to interact with backend services without authentication, potentially leading to unauthorized access to application resources and user data. This vulnerability is fixed in 2.0.0.
nvd CVSS3.1
8.2
Vulnerability type
CWE-284
Improper Access Control
CWE-798
Use of Hard-coded Credentials
Published: 12 Mar 2026 · Updated: 13 Mar 2026 · First seen: 12 Mar 2026