CVE-2025-61536 Blast Radius

HIGH • CVSS 8.2FelixRiddle dev-jobs-handlebars 1.0 uses absolute password-reset (magic) links using the untrusted `req.headers.host` header and forces the `http://`

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2025-61536.

Start Free Scan →← Back to CVE-2025-61536