This month, we had two releases of Nuclei Templates, introducing numerous improvements and new templ 2025-11-30 10:38:0 Author: projectdiscovery.io(查看原文) 阅读量:1 收藏
This month, we had two releases of Nuclei Templates, introducing numerous improvements and new templates for Nuclei users.
🚀 November Stats
| Release | New Templates Added | CVEs Added | First-time Contributors | Bounties Awarded |
|---|---|---|---|---|
| v10.3.2 | 129 | 56 | 9 | 7 |
| v10.3.4 | 68 | 27 | 11 | 3 |
| Total | 197 | 83 | 20 | 10 |
Introduction
November kept the momentum strong for Nuclei Templates with two new releases (v10.3.2 & v10.3.4).
We added 197 new templates and coverage for 83 CVEs, including 19 actively exploited KEVs straight from CISA’s catalog, so you can detect and stop the exact vulnerabilities attackers are using in the wild, right now.
A big thank you to the community: 20 first-time contributors stepped up, and 10 bounties were rewarded through the Template Bounty Program.
Huge thanks to everyone who contributed, reported issues, or spread the word. Open-source security is stronger because of you! 🚀
New Templates Added
Across both releases, 197 new templates were added, thanks to the tireless efforts of our global community. These focus on high-fidelity detection of critical weaknesses, helping you stay ahead of exploits in enterprise and cloud environments.
Trending CVEs Added
Among the new templates, 83 CVEs were added, keeping you up to date on the latest threats.
Notably, we've included coverage for some of the most talked-about 2025 vulnerabilities right now: CVE-2025-64446 (FortiWeb Authentication Bypass), CVE-2025-61757 (Oracle Identity Manager WebService Auth Bypass), CVE-2025-59287 (Windows Server Update Service Insecure Deserialization), CVE-2025-61882 (Oracle E-Business Suite RCE), CVE-2025-54253 (Adobe Experience Manager Deserialization), CVE-2025-47575 (FortiManager Unauth RCE), and CVE-2025-58360 (GeoServer XXE—50K+ exposed instances). These target widely deployed platforms, letting you spot and fix issues before attackers strike.
Highlighted CVE Templates
Templates marked with 🔥 highlight high-risk vulnerabilities that are actively exploited.
Highlighted CVE Templates from v10.3.2 & v10.3.4 (🔥)
- 🔥 [CVE-2025-64446] – FortiWeb: Authentication Bypass (vKEV)
- 🔥 [CVE-2025-64095] – DNN: Unrestricted Arbitrary File Upload
- 🔥 [CVE-2025-61884] – Oracle E-Business Suite: SSRF (vKEV)
- 🔥 [CVE-2025-59287] – Windows Server Update Service: Insecure Deserialization (vKEV)
- 🔥 [CVE-2025-58443] – FOGProject ≤ 1.5.10.1673: Authentication Bypass
- 🔥 [CVE-2025-55190] – ArgoCD: Project API Token Repository Credentials Exposure
- 🔥 [CVE-2025-54253] – Adobe Experience Manager: Deserialization (vKEV)
- 🔥 [CVE-2025-54236] – Adobe Commerce: Authentication Bypass (vKEV)
- 🔥 [CVE-2025-52665] – UniFi Access: Broken Access Control
- 🔥 [CVE-2025-41243] – Spring Cloud Gateway Server Webflux: Broken Access Control
- 🔥 [CVE-2025-12101] – Citrix NetScaler ADC & Gateway: Reflected XSS / Open Redirect
- 🔥 [CVE-2025-11749] – WordPress AI Engine Plugin: Token Exposure
- 🔥 [CVE-2025-8943] – Flowise < 3.0.1: Remote Command Execution
- 🔥 [CVE-2025-1550] – Keras Model.load_model: Arbitrary Code Execution
- 🔥 [CVE-2025-1302] – JSONPath Plus < 10.3.0: RCE
- 🔥 [CVE-2024-53900] – Mongoose < 8.8.3: RCE
- 🔥 [CVE-2024-47575] – FortiManager: Unauth RCE (vKEV)
- 🔥 [CVE-2024-27443] – Zimbra Collaboration: XSS (vKEV)
- 🔥 [CVE-2024-23108] – Fortinet FortiSIEM: OS Command Injection (vKEV)
- 🔥 [CVE-2023-34048] – VMware vCenter Server: Out-of-Bounds Write (vKEV)
- 🔥 [CVE-2023-2437] – UserPro ≤ 5.1.1: Authentication Bypass (vKEV)
- 🔥 [CVE-2021-45467] – Control Web Panel (CWP): File Inclusion (vKEV)
- 🔥 [CVE-2021-34427] – Eclipse BIRT Viewer: Remote Code Execution
- 🔥 [CVE-2021-4462] – Employee Records System 1.0: Unauth File Upload RCE (vKEV)
- 🔥 [CVE-2021-4449] – ZoomSounds Plugin: Unauth Arbitrary File Upload (vKEV)
- 🔥 [CVE-2020-14644] – Oracle WebLogic Server: RCE (Insecure Deserialization) (vKEV)
- 🔥 [CVE-2025-64764] – Astro: Reflected XSS via server islands feature
- 🔥 [CVE-2025-61757] – Oracle Identity Manager WebService: Auth Bypass (vKEV)
- 🔥 [CVE-2025-58360] – GeoServer: XML External Entity Injection
- 🔥 [CVE-2025-49706] – Microsoft SharePoint Server: Auth Bypass (vKEV)
- 🔥 [CVE-2025-27915] – Zimbra: XSS (vKEV)
- 🔥 [CVE-2025-11833] – Post SMTP ≤ 3.6.0: Email Log Disclosure (vKEV)
- 🔥 [CVE-2022-29081] – Zoho ManageEngine: Access Control Bypass (vKEV)
- 🔥 [CVE-2017-5983] – JIRA Workflow Designer Plugin: RCE (XXE)
🛠️ Bug Fixes and Enhancements
Across v10.3.2 and v10.3.4, we shipped dozens of precision improvements, fixing payloads, tightening matchers, reducing noise, and adding smarter detection logic, so your scans are faster and more trustworthy.
False Negatives Fixed
- Restored detection in CVE-2020-35338 template (Issue #13676)
- Fixed error-logs exposure detection when no
Content-Typeheader is present (Issue #13519, PR #14025) - Improved default-asp-net-page to catch modern ASP.NET welcome pages (Issue #13543)
- Removed redundant condition in CVE-2024-9047 that was blocking matches (PR #13496)
False Positives Reduced
- Eliminated false positives in CVE-2020-26948 (PR #13978)
- Fixed CVE-2025-5777 (CitrixBleed 2) noise (PR #13905, PR #13815, Issue #13197)
- Cleaned up CVE-2000-0760 Snoop.jsp false triggers (PR #13830)
- Reduced noise in CVE-2023-37582, config-json.yaml, external-service-interaction, api-dbt token spray, CVE-2017-3132, OSINT user enumeration, and wp-twenty-theme-fpd.yaml templates
- Fixed CVE-2024-23897 false positives (PR #13608)
Bug Fixes & Accuracy Improvements
- Corrected vulnerability details and matchers for CVE-2025-64446, CVE-2025-12101, CVE-2025-59287, CVE-2024-28623, CVE-2023-38192, CVE-2022-26143, CVE-2021-39226, CVE-2020-2883, CVE-2021-41467, CVE-2016-8735, and CVE-2024-30569
- Fixed file paths, payloads, typos, domain variables, and CVSS mismatches across multiple templates
- Improved open-redirect-generic accuracy (PR #13787)
Enhancements & New Capabilities
- Added HTTP/2 protocol support improvements (Issue #13709)
- Enhanced IIS Shortname detection (PR #13885)
- Upgraded AEM querybuilder bypass detection (PR #13746)
- Strengthened CVE-2025-61882 & CVE-2025-61884 Oracle E-Business Suite templates (PR #13822)
- Added missing service tags and fixed tag typos across the repository
- Improved Next.js / Vite public env exposure detection (PR #14013, PR #14033)
- Enhanced eclipse-birt-panel, GITBLIT, Jitsi, CVE-2025-58360 (GeoServer XXE), CVE-2025-20362, CVE-2020-14179, and CVE-2017-9841 (new eval-stdin paths)
- Refactored templates and resolved duplicate IDs (e.g., gradio-lfi)
- Updated unavailable documentation URLs and converted legacy non-CVE templates to proper CVE format
Huge thanks to every contributor who opened issues, sent PRs, and helped us make Nuclei Templates sharper than ever. These changes mean fewer false alerts, more real threats caught, and smoother large-scale scanning. Keep the feedback coming!
A huge shoutout to our 20 first-time contributors this November, welcome to the Nuclei Templates family! 🎉
- @RaghavArora14 made their first contribution in #13750
- @7h3b4dger made their first contribution in #13768
- @www-spam made their first contribution in #12929
- @asdvsfs made their first contribution in #12364
- @wjch611 made their first contribution in #12435
- @cham423 made their first contribution in #13899
- @TrebledJ made their first contribution in #13925
- @us3r777 made their first contribution in #13955
- @Rupendra0 made their first contribution in #13940
- @keyboard-slayer made their first contribution in #13958
- @eduquintanilha made their first contribution in #13920
- @0xanis made their first contribution in #13983
- @0xnemian made their first contribution in #13930
- @OrSmolnik made their first contribution in #14007
- @nikhilpatidar01 made their first contribution in #14015
- @brendan-rsoc made their first contribution in #14016
- @S9n3x made their first contribution in #13496
- @Snbig made their first contribution in #13581
- @JosephTTD made their first contribution in #14042
- @l-teles made their first contribution in #14075
Your pull requests, bug reports, and fresh ideas are making open-source security stronger every single day. Thank you, and keep them coming! 🚀
Stay Connected
Stay in the loop with the latest Nuclei developments:
- Follow us on Twitter
- Get real-time template notifications from our new bot on X (Twitter)
- Join the community on Discord
Let’s keep pushing the boundaries of open-source security together!
如有侵权请联系:admin#unsafe.sh