Nutzam Nutzboot
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Nutzam Nutzboot.
By the Year
In 2026 there have been 0 vulnerabilities in Nutzam Nutzboot. Last year, in 2025 Nutzboot had 3 security vulnerabilities published. Right now, Nutzboot is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 3 | 5.10 |
It may take a day or so for new Nutzboot vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Nutzam Nutzboot Security Vulnerabilities
EthModule Remote Auth Bypass in NutzBoot <=2.6.0-SNAPSHOT
CVE-2025-13806
7.3 - High
- December 01, 2025
A security vulnerability has been detected in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This impacts an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Transaction API. The manipulation of the argument from/to/wei leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
AuthZ
NutzBoot 2.6.0-SNAPSHOT LiteRpc Deserialization via HttpServletEndpoint
CVE-2025-13805
3.7 - Low
- December 01, 2025
A weakness has been identified in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This affects the function getInputStream of the file nutzcloud/nutzcloud-literpc/src/main/java/org/nutz/boot/starter/literpc/impl/endpoint/http/HttpServletRpcEndpoint.java of the component LiteRpc-Serializer. Executing a manipulation can lead to deserialization. The attack may be launched remotely. This attack is characterized by high complexity. The exploitability is reported as difficult. The exploit has been made available to the public and could be used for attacks.
Marshaling, Unmarshaling
Information Disclosure in NutzBoot <=2.6.0 via Ethereum Wallet Handler
CVE-2025-13804
4.3 - Medium
- December 01, 2025
A security flaw has been discovered in nutzam NutzBoot up to 2.6.0-SNAPSHOT. The impacted element is an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Ethereum Wallet Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.
Information Disclosure
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Nutzam Nutzboot or by Nutzam? Click the Watch button to subscribe.
