CVE-2025-48140 – MetalpriceAPI Code Injection Vulnerability

June 9, 2025

CVE ID : CVE-2025-48140

Published : June 9, 2025, 4:15 p.m. | 25 minutes ago

Description : Improper Control of Generation of Code (‘Code Injection’) vulnerability in metalpriceapi MetalpriceAPI allows Code Injection. This issue affects MetalpriceAPI: from n/a through 1.1.4.

Severity: 9.9 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48141 – Alex Zaytseff Multi CryptoCurrency Payments SQL Injection

Next Article CVE-2025-48139 – StyleAI Missing Authorization Vulnerability

The Ultimate Guide to Node.js Development Pricing for Enterprises

Stack Overflow: Developers’ trust in AI outputs is worsening year over year

Web Components: Working With Shadow DOM

Google’s new Opal tool allows users to create mini AI apps with no coding required

5 preinstalled apps you should delete from your Samsung phone immediately

Ubuntu Linux lagging? Try my 10 go-to tricks to speed it up

How I survived a week with this $130 smartwatch instead of my Garmin and Galaxy Ultra

YouTube is using AI to verify your age now – and if it’s wrong, that’s on you to fix

The details of TC39’s last meeting

The details of TC39’s last meeting

Multi-tenant db schema added to React Starter Kit

Performance Analysis with Laravel’s Measurement Tools

New data shows Xbox is utterly dominating PlayStation’s storefront — accounting for 60% of the Q2 top 10 game sales spots

New data shows Xbox is utterly dominating PlayStation’s storefront — accounting for 60% of the Q2 top 10 game sales spots

Opera throws Microsoft to Brazil’s watchdogs for promoting Edge as your default browser — “Microsoft thwarts‬‭ browser‬‭ competition‬‭‬‭ at‬‭ every‬‭ turn”

Activision once again draws the ire of players for new Diablo Immortal marketing that appears to have been made with generative AI

CVE-2025-48140 – MetalpriceAPI Code Injection Vulnerability

CVE-2025-43234 – Apple WatchOS/IOS/iPadOS/tvOS/macOS VisionOS Texture Corruption Vulnerability

CVE-2025-43237 – Apple macOS Sequoia Write Access Vulnerability

Cisco Nexus Dashboard Vulnerability Lets Attackers Impersonate as Managed Devices

CVE-2025-45947 – PhpGurukul Online Banquet Booking System Remote Code Execution Vulnerability

PoC Code Escalates Roundcube Vuln Threat

Microsoft details how to fix Windows 10/11 blue screen of death (BSOD) issue

CVE-2025-6849 – Simple Forum Cross-Site Scripting (XSS) Vulnerability

Shopify Summer ’25 Edition Introduces Horizon, a New Standard for Creative Control

Google Pixel 10 to Embrace Qi2 Wireless Charging with New “Pixelsnap” Accessories

CVE-2023-53136 – Linux af_unix Struct PID Leak Vulnerability

CVE-2025-48140 – MetalpriceAPI Code Injection Vulnerability

Related Posts