What is CVE-2025-57754?

CVE-2025-57754 is a critical-severity vulnerability in Kristoferfannar Eslint-ban-moment, classified under CWE-260. CVSS score: 9.8/10. Published 2025-08-21.

How severe is CVE-2025-57754?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Vulnerability in Kristoferfannar Eslint-ban-moment

CVE-2025-57754

eslint-ban-moment is an Eslint plugin for final assignment in VIHU. In 3.0.0 and earlier, a sensitive Supabase URI is exposed in .env. A valid Supabase URI with embedded username and password will allow an attacker complete unauthorized ac…

EPSS: 0.001 (28.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Kristoferfannar Eslint-ban-moment — versions <= 3.0.0

Weakness classification (CWE)

CWE-260

References

https://github.com/kristoferfannar/eslint-ban-moment/security/advisories/GHSA-2486-4cjg-pw98 (x_refsource_CONFIRM)
https://github.com/kristoferfannar/eslint-ban-moment/commit/bc2d2f9d23e6ae961a23e0d769e0722870b11108 (x_refsource_MISC)

Frequently asked questions

What is CVE-2025-57754?: CVE-2025-57754 is a critical-severity vulnerability in Kristoferfannar Eslint-ban-moment, classified under CWE-260. CVSS score: 9.8/10. Published 2025-08-21.
How severe is CVE-2025-57754?: Critical severity. CVSS v3 base score is 9.8 out of 10.