CVE-2025-66482 | misskey up to 2025.9.1/2025.11.1/2025.12.0-alpha.1 Header X-Forwarded-For excessive authentication (GHSA-wwrj-3hvj-prpm)

A vulnerability identified as problematic has been detected in misskey up to 2025.9.1/2025.11.1/2025.12.0-alpha.1. Impacted is an unknown function of the component Header Handler. This manipulation of the argument X-Forwarded-For causes improper restriction of excessive authentication attempts.

This vulnerability appears as CVE-2025-66482. The attack may be initiated remotely. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More