CVE-2025-13804

MEDIUM 4.3

nutzam NutzBoot Ethereum Wallet EthModule.java information disclosure

CVSS Score

4.3

EPSS Score

0.0%

EPSS Percentile

0th

A security flaw has been discovered in nutzam NutzBoot up to 2.6.0-SNAPSHOT. The impacted element is an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Ethereum Wallet Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.

CWE	CWE-200 CWE-284
Vendor	nutzam
Product	nutzboot
Published	Dec 1, 2025
Last Updated	Feb 24, 2026

Stay Ahead of the Next One

Get instant alerts for nutzam nutzboot

Be the first to know when new medium vulnerabilities affecting nutzam nutzboot are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

nutzam / NutzBoot

2.6.0-SNAPSHOT

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.333814 vuldb.com: https://vuldb.com/?ctiid.333814 vuldb.com: https://vuldb.com/?submit.692050 github.com: https://github.com/Xzzz111/exps/blob/main/archives/nutzboot-InfoLeak-1/report.md github.com: https://github.com/Xzzz111/exps/blob/main/archives/nutzboot-InfoLeak-1/report.md#vulnerability-details-and-poc

Credits

🔍 sh7err03 (VulDB User)