CVE-2025-60542
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-60542
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
SQL Injection vulnerability in TypeORM before 0.3.26 via crafted request to repository.save or repository.update due to the sqlstring call using stringifyObjects default to false.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
TypeORM 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
TypeORM是TypeORM开源的一个优秀的 Node.js ORM 框架。该软件的目标是保持支持最新的 Javascript 特性;拥有以下功能:(1)提供表的一对一,多对一,一对多,多对多关系处理;(2)来帮助开发各种用户数据库的应用 - 不管是轻应用还是企业级的。可以实现(3)根据模型自动创建数据库表;(4)可以透明的插入/更新/删除数据库对象;(5)映射数据库 table 到 Javascript 对象,映射表列到 Javascript 对象属性。 TypeORM 0.3.26之前版本存在安全漏
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2025-60542
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-60542
请登录查看更多情报信息。
Same Patch Batch · n/a · 2025-10-29 · 13 CVEs total
| CVE-2025-63622 | Code-Projects Online Complaint Site 安全漏洞 | |
| CVE-2025-61161 | Evope Collector 安全漏洞 | |
| CVE-2025-61429 | NCR Atleos Terminal Manager ConfigApp 安全漏洞 | |
| CVE-2025-61156 | ThreatFire System Monitor 安全漏洞 | |
| CVE-2024-45162 | Blu-Castle BCUM221E 安全漏洞 | |
| CVE-2024-45161 | Blu-Castle BCUM221E 安全漏洞 | |
| CVE-2025-60595 | SPH Engineering UgCS 安全漏洞 | |
| CVE-2025-60898 | Halo CMS 安全漏洞 | |
| CVE-2025-61234 | Dataphone A920 安全漏洞 | |
| CVE-2025-57227 | Kingo ROOT 安全漏洞 | |
| CVE-2025-60320 | memoQ 安全漏洞 | |
| CVE-2025-61876 | Inforcer Platform 安全漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2025-60542
No comments yet