CVE-2025-62126
published 2025-12-31CVE-2025-62126: Insertion of Sensitive Information Into Sent Data vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching vcaching allows Retrieve Embedded Sensitive…
PriorityP334medium5.3CVSS 3.1
AVNACLPRNUINSUCNILAN
EXPLOIT
EPSS
0.66%
46.9th percentile
Insertion of Sensitive Information Into Sent Data vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching vcaching allows Retrieve Embedded Sensitive Data.This issue affects Varnish/Nginx Proxy Caching: from n/a through <= 1.8.3.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| razvan_stanga | varnish_nginx_proxy_caching | <= 1.8.3 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
WordPress Varnish/Nginx Proxy Caching <= 1.8.3 - Information Exposure
nuclei·CVSS 5.3
CVE-2025-62126 WordPress Varnish/Nginx Proxy Caching <= 1.8.3 - Information Exposure
WordPress Varnish/Nginx Proxy Caching <= 1.8.3 - Information Exposure
Razvan Stanga Varnish/Nginx Proxy Caching <= 1.8.3 contains an insertion of sensitive information into sent data vulnerability caused by improper handling of embedded sensitive data, letting attackers retrieve sensitive information, exploit requires crafted requests.
Template:
id: CVE-2025-62126
info:
name: WordPress Varnish/Nginx Proxy Caching <= 1.8.3 - Information Exposure
author: pussycat0x
severity: medium
description: |
Razvan Stanga Varnish/Nginx Proxy Caching <= 1.8.3 contains an insertion of sensitive information into sent data vulnerability caused by improper handling of embedded sensitive data, letting attackers retrieve sensitive information, exploit requires crafted requests.
remediation: |
Update to the
2025-12-31
Published