
Summary of Releases v10.2.1 & v10.2.2
This month, we've released two new versions of Nuclei Templates, which introduce numerous improvements and new templates for Nuclei users.
Here are some highlighted stats from the combined releases:
🎉 106 new templates added
🔥 57 new CVEs covered
🛡️ 10 actively exploited KEVs included
🚀 11 first-time contributions
💰 Template Reward program launched
Introduction
The Nuclei Templates v10.2.1 and v10.2.2 were released earlier this month, introducing some useful updates for the community. These releases prioritize checks for vulnerabilities flagged as actively exploited in the wild (KEVs), as listed in CISA’s Known Exploited Vulnerabilities catalog, enabling users to address the most urgent security risks promptly.
We’ve also rolled out the Template Bounty Program 💰, offering community members the opportunity to earn rewards 💸 for contributing impactful templates to the project. It’s a great way to support open-source security and earn recognition for your work.
To help you stay updated on new additions, we’ve launched a Twitter bot: @pdnuclei_bot. It provides real-time notifications for every new template added. You’ll also receive these updates in this Discord channel.
New Templates Added
A total of 106 new templates were added in these two releases, thanks to the efforts of our community and team. These additions help users catch critical weaknesses before attackers can exploit them in the wild. This means faster response times and improved protection for your systems.
New CVEs Added
Out of the new templates added, 57 were new CVEs, ensuring you remain current with the latest security vulnerabilities.
Notably, the release includes coverage for CVE-2025-4427, a remote code execution flaw in Ivanti EPMM, which has been added to CISA’s Known Exploited Vulnerabilities (KEV) list. We’ve also added templates for CVE-2025-34026 and CVE-2025-34027, two authentication bypass issues affecting Versa Concerto, a platform widely deployed in enterprise networks. These CVE templates target vulnerabilities found in popular software products and services, helping users to identify and resolve issues before attackers can exploit them.
Highlighted CVE Templates
Templates marked with 🔥 highlight high-risk vulnerabilities with active exploitation (KEVs). Templates marked with ✅ indicate other critical CVEs added in this release.
KEVs in This Release (🔥)
- 🔥 CVE-2024-38475 – Sonicwall - Pre-Authentication Arbitrary File Read
- 🔥 CVE-2022-26585 – Mingsoft MCMS v5.2.7 - SQL Injection
- 🔥 CVE-2024-12987 – DrayTek Vigor - Command Injection
- 🔥 CVE-2025-4427 – Ivanti EPMM - Remote Code Execution
- 🔥 CVE-2023-1389 – TP-Link Archer AX21 (AX1800) - Command Injection
- 🔥 CVE-2020-15415 – DrayTek Vigor - Command Injection
- 🔥 CVE-2018-20062 – ThinkPHP 5.0.23 - Remote Code Execution
- 🔥 CVE-2018-19410 – PRTG Network Monitor - Local File Inclusion
- 🔥 CVE-2024-8529 – LearnPress < 4.2.7.1 - SQL Injection
- 🔥 CVE-2023-51409 – Jordy Meow AI Engine - Unrestricted File Upload
Other CVEs from v10.2.1 & v10.2.2 (✅)
- ✅ CVE-2025-32432 – CraftCMS - Remote Code Execution
- ✅ CVE-2025-2777 – SysAid On-Prem <= 23.3.40 - XML External Entity
- ✅ CVE-2024-21136 – Oracle Retail Xstore Suite - Pre-auth Path Traversal
- ✅ CVE-2024-7591 – Kemp Load Balancer - Unauth Command Injection
- ✅ CVE-2023-45878 – Gibbon LMS <= v25.0.01 - File Upload to RCE
- ✅ CVE-2022-1711 – draw.io < 18.0.5 - Server Side Request Forgery (SSRF)
- ✅ CVE-2025-47916 – Invision Community <=5.0.6 RCE via Template Injection
- ✅ CVE-2025-34027 – Versa Concerto API Path Based - Authentication Bypass
- ✅ CVE-2025-34026 – Versa Concerto Actuator Endpoint - Authentication Bypass
- ✅ CVE-2025-27007 – OttoKit < 1.0.83 - SureTriggers allows Privilege Escalation
- ✅ CVE-2025-24016 – Wazuh - Unsafe Deserialization Remote Code Execution
- ✅ CVE-2025-4123 – Grafana - XSS / Open Redirect / SSRF via Client Path Traversal
- ✅ CVE-2025-3102 – SureTriggers – All-in-One Automation Platform ≤ 1.0.78 - Authentication Bypass
- ✅ CVE-2025-2011 – Slider & Popup Builder by Depicter <= 3.6.1 - Unauthenticated SQL Injection
- ✅ CVE-2024-11320 – Pandora v7.0NG.777.3 - Remote Code Execution
Bug Fixes and Enhancements
We’ve made several improvements in these releases to ensure templates are accurate, easy to use, and reliable during scans. This includes updating metadata, cleaning up tags, and fixing issues that could cause false positives or negatives.
Bug Fixes
- Updated affected vBulletin versions in vbulletin-replacead-rce.yaml (Issue #12150)
- Renamed CVE-2022-31126 to CVE-2022-31137 (Issue #12103)
- Updated and renamed thinkphp-5022-rce.yaml to CVE-2018-20062.yaml (Issue #12096)
- Fixed payload for CVE-2019-17444 to avoid false positives (Issue #12050)
- Fixed template for CVE-2025-32101 (Issue #11933)
- Corrected false negative in CVE-2020-26948 (Issue #12056)
- Fixed broken path to reference file causing 404 errors (Issue #11987)
- Modified regex to accept IPs in location header (Issue #12026)
- Updated Huawei WAF detection rule for accurate server header (Issue #12022)
False Negatives
- Addressed pre-authentication RCE vulnerability in CraftCMS 4.x and 5.x (Issue #12020)
False Positives
- Reduced false positives in Next.js cache poisoning headers (Issue #12000)
- Fixed false positives in s3-bucket-policy-public-access.yaml (Issue #12085)
- Reduced false positives in Azure Cloud Templates (Issue #12047)
- Fixed false positive in CVE-2022-21587 PoC affecting system (Issue #11702)
Enhancements
- Updated tags for multiple templates (Issue #12157)
- Updated tags for CVE-2025-34028.yaml (Issue #12156)
- Moved templates for assigned CVEs (CVE-2025-34026, CVE-2025-34027) (Issue #12138)
- Added Amazon Elastic Kubernetes Service (EKS) templates (PR #12069)
- Removed CVE-2022-46463 template (PR #12029)
Community Spotlight
We’d like to give a special thanks to all the first-time contributors for their contributions to the Nuclei Templates project:
- @vshekhda made their first contribution in #12050
- @biero-el-corridor made their first contribution in #12005
- @huseyinstif made their first contribution in #11616
- @shubhamrooter made their first contribution in #11281
- @r00tuser111 made their first contribution in #12006
- @saharshtapi made their first contribution in #12011
- @ThibautPierru made their first contribution in #11997
- @ajdumanhug made their first contribution in #12027
- @serdarbsgn made their first contribution in #12022
- @SemenchenkoA made their first contribution in #11944
- @adaminfinitum made their first contribution in #11987
Your contributions are greatly appreciated and help strengthen Nuclei.
Stay Connected
Stay in the loop with the latest Nuclei developments:
- Follow us on Twitter
- Get real-time template notifications from our new bot on X (Twitter)
- Join the community on Discord
Let’s keep pushing the boundaries of open-source security together!