Metrics
Affected Vendors & Products
Tue, 09 Sep 2025 21:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Simstudioai Simstudioai sim | |
| Vendors & Products | Simstudioai Simstudioai sim | 
Mon, 08 Sep 2025 16:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Mon, 08 Sep 2025 15:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | A vulnerability was determined in SimStudioAI sim up to 1.0.0. This affects an unknown function of the file apps/sim/app/api/files/parse/route.ts. Executing manipulation of the argument filePath can lead to server-side request forgery. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This patch is called 3424a338b763115f0269b209e777608e4cd31785. Applying a patch is advised to resolve this issue. | |
| Title | SimStudioAI sim route.ts server-side request forgery | |
| Weaknesses | CWE-918 | |
| References |  | |
| Metrics | cvssV2_0 
 
 
 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: VulDB
Published: 2025-09-08T15:32:08.846Z
Updated: 2025-09-08T15:54:31.292Z
Reserved: 2025-09-08T09:54:42.157Z
Link: CVE-2025-10096
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-09-08T15:53:57.490Z
 NVD
                        NVD
                    Status : Awaiting Analysis
Published: 2025-09-08T16:15:35.913
Modified: 2025-09-08T16:25:38.810
Link: CVE-2025-10096
 Redhat
                        Redhat
                    No data.