VDB
CVE-2025-13473
CVE-2025-13473
PUBLISHED
Username enumeration through timing difference in mod_wsgi authentication handler
EPSS 0.04% · 11.7th percentile
Risk Scores
EPSS Score
0.04%
11.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | django | 4.2.0, 5.2.0, 6.0.0 |
| Bitnami | django | 4.2.0, 5.2.0, 6.0.0 |
Exploit Intelligence
- CIRCL seen: CVE-2025-13473 (circl-sighting)
- CIRCL seen: CVE-2025-13473 (circl-sighting)
- CIRCL seen: CVE-2025-13473 (circl-sighting)
- Django security archive (circl)
- Django releases announcements (circl)
- Django security releases issued: 6.0.2, 5.2.11, and 4.2.28 (circl)
- Weaponized CVE-2025-13473 in Nuclei (community-snort)
Timeline
- Oct 4, 2025 Nuclei Template
- Oct 4, 2025 Fix Commit
- Feb 3, 2026 CVE Published
- Feb 3, 2026 PoC Published
- Feb 3, 2026 PoC Published
- Feb 4, 2026 EPSS Score
- Feb 5, 2026 PoC Published
- Feb 6, 2026 EPSS Score
- Feb 8, 2026 EPSS Score
- Feb 11, 2026 EPSS Score
- Feb 13, 2026 EPSS Score
- Feb 15, 2026 EPSS Score