Formidable

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-46653 npm LOW POC PATCH Monitor

Formidable (aka node-formidable) 2.1.0 through 3.x before 3.5.3 relies on hexoid to prevent guessing of filenames for untrusted executable content; however, hexoid is documented as not. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. Public exploit code available.

Information Disclosure Formidable

NVD GitHub

CVSS 3.1

3.1

EPSS

0.1%

CVE-2025-46653 npm

EPSS 0% CVSS 3.1

LOW POC PATCH Monitor

Formidable (aka node-formidable) 2.1.0 through 3.x before 3.5.3 relies on hexoid to prevent guessing of filenames for untrusted executable content; however, hexoid is documented as not. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. Public exploit code available.

Information Disclosure Formidable

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy