Most recent sightings.

https://db.gcve.eu/sightings/feed Most recent sightings. 2026-04-30T13:13:52.120173+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/04b92285-adde-434f-b982-70b69cb8e12d/export 04b92285-adde-434f-b982-70b69cb8e12d 2026-04-30T13:13:52.300868+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "04b92285-adde-434f-b982-70b69cb8e12d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22994", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lh2qmg5mf72k", "content": "", "creation_timestamp": "2025-01-31T19:35:24.728163Z"} 2025-01-31T19:35:24.728163+00:00 https://db.gcve.eu/sighting/4a831c24-cb33-4826-b993-0cf94ca720c8/export 4a831c24-cb33-4826-b993-0cf94ca720c8 2026-04-30T13:13:52.300817+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "4a831c24-cb33-4826-b993-0cf94ca720c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22992", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113958357304730897", "content": "", "creation_timestamp": "2025-02-06T18:28:56.487392Z"} 2025-02-06T18:28:56.487392+00:00 https://db.gcve.eu/sighting/35e51547-97e0-43a5-bc8d-7612ea38d328/export 35e51547-97e0-43a5-bc8d-7612ea38d328 2026-04-30T13:13:52.300770+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "35e51547-97e0-43a5-bc8d-7612ea38d328", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22992", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhjscoic432x", "content": "", "creation_timestamp": "2025-02-06T19:15:40.005445Z"} 2025-02-06T19:15:40.005445+00:00 https://db.gcve.eu/sighting/93f46362-b062-45e1-b359-f875d5adde4a/export 93f46362-b062-45e1-b359-f875d5adde4a 2026-04-30T13:13:52.300715+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "93f46362-b062-45e1-b359-f875d5adde4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22992", "type": "seen", "source": "https://t.me/cvedetector/17429", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-22992 - Emoncms SQL Injection\", \n \"Content\": \"CVE ID : CVE-2025-22992 \nPublished : Feb. 6, 2025, 7:15 p.m. | 1\u00a0hour, 27\u00a0minutes ago \nDescription : A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project >= 11.6.9. The vulnerability is caused by improper handling of user-supplied input in the data query parameter, allowing attackers to execute arbitrary SQL commands under specific conditions. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"06 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-06T21:55:36.000000Z"} 2025-02-06T21:55:36+00:00 https://db.gcve.eu/sighting/c1b1cfb1-5d2c-4883-8844-86c2e81992f8/export c1b1cfb1-5d2c-4883-8844-86c2e81992f8 2026-04-30T13:13:52.300640+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "c1b1cfb1-5d2c-4883-8844-86c2e81992f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22992", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113959377200906636", "content": "", "creation_timestamp": "2025-02-06T22:48:19.261123Z"} 2025-02-06T22:48:19.261123+00:00 https://db.gcve.eu/sighting/dbf2cc64-1515-49d5-a2ab-0c386ca9dc7d/export dbf2cc64-1515-49d5-a2ab-0c386ca9dc7d 2026-04-30T13:13:52.300544+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "dbf2cc64-1515-49d5-a2ab-0c386ca9dc7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22992", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhkdkgvdyk2o", "content": "", "creation_timestamp": "2025-02-07T00:24:15.444433Z"} 2025-02-07T00:24:15.444433+00:00 https://db.gcve.eu/sighting/944cc256-6790-48f7-9319-c100c615bf9a/export 944cc256-6790-48f7-9319-c100c615bf9a 2026-04-30T13:13:52.300403+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "944cc256-6790-48f7-9319-c100c615bf9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22992", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lhlsgiekkd2a", "content": "", "creation_timestamp": "2025-02-07T14:23:09.401286Z"} 2025-02-07T14:23:09.401286+00:00 https://db.gcve.eu/sighting/75815c41-bdcf-41eb-84a3-4ebe065df113/export 75815c41-bdcf-41eb-84a3-4ebe065df113 2026-04-30T13:13:52.300172+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "75815c41-bdcf-41eb-84a3-4ebe065df113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22994", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8073", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22994\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: O2OA 9.1.3 is vulnerable to Cross Site Scripting (XSS) in Meetings - Settings.\n\ud83d\udccf Published: 2025-01-31T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T14:41:31.955Z\n\ud83d\udd17 References:\n1. https://github.com/o2oa/o2oa/issues/167", "creation_timestamp": "2025-03-19T15:17:59.000000Z"} 2025-03-19T15:17:59+00:00 https://db.gcve.eu/sighting/4b9c7ab1-ecb3-4fae-bbac-6b895a585bba/export 4b9c7ab1-ecb3-4fae-bbac-6b895a585bba 2026-04-30T13:13:52.299859+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "4b9c7ab1-ecb3-4fae-bbac-6b895a585bba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2299", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10195", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2299\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The LuckyWP Table of Contents plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.10. This is due to missing or incorrect nonce validation on the 'ajaxEdit' function. This makes it possible for unauthenticated attackers to inject arbitrary web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.\n\ud83d\udccf Published: 2025-04-03T11:12:30.588Z\n\ud83d\udccf Modified: 2025-04-03T11:12:30.588Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/82df5b2e-4c4a-402f-99c9-694fa710009b?source=cve\n2. https://plugins.trac.wordpress.org/browser/luckywp-table-of-contents/trunk/admin/controllers/EditorBlockController.php#L30\n3. https://plugins.trac.wordpress.org/browser/luckywp-table-of-contents/trunk/admin/widgets/customizeSuccess/views/widget.php#L12\n4. https://plugins.trac.wordpress.org/changeset/3265169/", "creation_timestamp": "2025-04-03T11:35:47.000000Z"} 2025-04-03T11:35:47+00:00 https://db.gcve.eu/sighting/072d7d17-8139-45b3-9f79-4297fb3f1183/export 072d7d17-8139-45b3-9f79-4297fb3f1183 2026-04-30T13:13:52.297506+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "072d7d17-8139-45b3-9f79-4297fb3f1183", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2299", "type": "seen", "source": "https://t.me/cvedetector/21970", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2299 - LuckyWP Table of Contents CSRF Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2299 \nPublished : April 3, 2025, 12:15 p.m. | 40\u00a0minutes ago \nDescription : The LuckyWP Table of Contents plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.10. This is due to missing or incorrect nonce validation on the 'ajaxEdit' function. This makes it possible for unauthenticated attackers to inject arbitrary web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"03 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T15:14:04.000000Z"} 2025-04-03T15:14:04+00:00