https://db.gcve.eu/sightings/feed 2026-05-23T04:05:51.625499+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/d3840cb0-b64f-4817-9d18-1c20e213e5fc/export 2026-05-23T04:05:51.881680+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "d3840cb0-b64f-4817-9d18-1c20e213e5fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21655", "type": "published-proof-of-concept", "source": "Telegram/nHS0XScXforDrXl5voBaqPDObiEW1keH88ZzbYw4M7lx_JM", "content": "", "creation_timestamp": "2025-02-22T08:00:05.000000Z"} 2025-02-22T08:00:05+00:00 https://db.gcve.eu/sighting/39d5f6b6-1f3a-4abc-a339-f77cd898461c/export 2026-05-23T04:05:51.881578+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "39d5f6b6-1f3a-4abc-a339-f77cd898461c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21655", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5084", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21655\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/eventfd: ensure io_eventfd_signal() defers another RCU period\n\nio_eventfd_do_signal() is invoked from an RCU callback, but when\ndropping the reference to the io_ev_fd, it calls io_eventfd_free()\ndirectly if the refcount drops to zero. This isn't correct, as any\npotential freeing of the io_ev_fd should be deferred another RCU grace\nperiod.\n\nJust call io_eventfd_put() rather than open-code the dec-and-test and\nfree, which will correctly defer it another RCU grace period.\n\ud83d\udccf Published: 2025-01-20T13:48:40.544Z\n\ud83d\udccf Modified: 2025-02-23T07:15:02.767Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/6b63308c28987c6010b1180c72a6db4df6c68033\n2. https://git.kernel.org/stable/c/8efff2aa2d95dc437ab67c5b4a9f1d3f367baa10\n3. https://git.kernel.org/stable/c/a7085c3ae43b86d4b3d1b8275e6a67f14257e3b7\n4. https://git.kernel.org/stable/c/c9a40292a44e78f71258b8522655bffaf5753bdb\n5. https://project-zero.issues.chromium.org/issues/388499293", "creation_timestamp": "2025-02-23T07:24:30.000000Z"} 2025-02-23T07:24:30+00:00 https://db.gcve.eu/sighting/85ae6bba-f187-446a-8a8b-711f195c8989/export 2026-05-23T04:05:51.881484+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "85ae6bba-f187-446a-8a8b-711f195c8989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21655", "type": "seen", "source": "Telegram/ii7D4YkGNSBdngjp6vaBfuvBkg3IJ08nBGeA8s3WIFBiu-h2", "content": "", "creation_timestamp": "2025-02-23T17:38:05.000000Z"} 2025-02-23T17:38:05+00:00 https://db.gcve.eu/sighting/43118f69-a048-47e6-8d9b-39d76a019551/export 2026-05-23T04:05:51.881381+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "43118f69-a048-47e6-8d9b-39d76a019551", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2165", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8795", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2165\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The SH Email Alert plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mid' parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.\n\ud83d\udccf Published: 2025-03-26T02:23:49.139Z\n\ud83d\udccf Modified: 2025-03-26T02:23:49.139Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/dc20180b-4665-4ade-b512-b0f0148200e7?source=cve\n2. https://plugins.trac.wordpress.org/browser/sh-email-alert/tags/1.0/manage.php#L156\n3. https://wordpress.org/plugins/sh-email-alert/", "creation_timestamp": "2025-03-26T03:25:09.000000Z"} 2025-03-26T03:25:09+00:00 https://db.gcve.eu/sighting/bea14bd1-826c-4e5f-837b-711a4799068b/export 2026-05-23T04:05:51.881276+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "bea14bd1-826c-4e5f-837b-711a4799068b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2165", "type": "seen", "source": "https://t.me/cvedetector/21146", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2165 - WordPress SH Email Alert Reflected Cross-Site Scripting\", \n \"Content\": \"CVE ID : CVE-2025-2165 \nPublished : March 26, 2025, 3:15 a.m. | 1\u00a0hour, 12\u00a0minutes ago \nDescription : The SH Email Alert plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mid' parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"26 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T05:31:42.000000Z"} 2025-03-26T05:31:42+00:00 https://db.gcve.eu/sighting/7c791d3f-291b-449d-a816-2a77e5d7b8e0/export 2026-05-23T04:05:51.881183+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "7c791d3f-291b-449d-a816-2a77e5d7b8e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21651", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"} 2025-12-03T14:14:49.267740+00:00 https://db.gcve.eu/sighting/a09e6198-f372-483b-be0f-58d0c94ae70e/export 2026-05-23T04:05:51.881072+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "a09e6198-f372-483b-be0f-58d0c94ae70e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21656", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} 2026-03-19T00:00:00+00:00 https://db.gcve.eu/sighting/1cd836eb-3c83-4a02-9526-8e38ea1a4ea7/export 2026-05-23T04:05:51.880974+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "1cd836eb-3c83-4a02-9526-8e38ea1a4ea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21651", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} 2026-03-19T00:00:00+00:00 https://db.gcve.eu/sighting/575319a4-8ed7-4ba7-a00a-fbc7dacf5557/export 2026-05-23T04:05:51.880838+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "575319a4-8ed7-4ba7-a00a-fbc7dacf5557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21658", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} 2026-03-19T00:00:00+00:00 https://db.gcve.eu/sighting/26745b07-1f44-42c7-ba8c-3e708cfda934/export 2026-05-23T04:05:51.878844+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "26745b07-1f44-42c7-ba8c-3e708cfda934", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-21658", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0398/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"} 2026-04-02T17:00:00+00:00