cvedb.io
CVE-2025-54872
UNKNOWN · CVSS n/a
EPSS exploitation probability: 0%
Published 2025-08-06T00:15:31.357 · Last modified 2026-06-17T09:40:50.520

Summary

onion-site-template is a complete, scalable tor hidden service self-hosting sample. Versions which include commit 3196bd89 contain a baked-in tor image if the secrets were copied from an existing onion domain. A website could be compromised if a user shared the baked-in image, or if someone were able to acquire access to the user's device outside of a containerized environment. This is fixed by commit bc9ba0fd.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.