https://db.gcve.eu/sightings/feed 2026-05-13T02:23:01.962553+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/7e409f48-0509-47f3-918a-336e38267d39/export 2026-05-13T02:23:02.122457+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "7e409f48-0509-47f3-918a-336e38267d39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3776", "type": "published-proof-of-concept", "source": "Telegram/6rNZORcsrpIp6uXsVyLv3NgDJiB8gwaKAVRPuTsSWUoFbnM", "content": "", "creation_timestamp": "2025-04-24T13:00:07.000000Z"} 2025-04-24T13:00:07+00:00 https://db.gcve.eu/sighting/196fee0a-d29e-499f-935c-480bb3a36934/export 2026-05-13T02:23:02.122395+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "196fee0a-d29e-499f-935c-480bb3a36934", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3776", "type": "seen", "source": "https://t.me/cvedetector/23662", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-3776 - WordPress TargetSMS Plugin Remote Code Execution Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-3776 \nPublished : April 24, 2025, 9:15 a.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : The Verification SMS with TargetSMS plugin for WordPress is vulnerable to limited Remote Code Execution in all versions up to, and including, 1.5 via the 'targetvr_ajax_handler' function. This is due to a lack of validation on the type of function that can be called. This makes it possible for unauthenticated attackers to execute any callable function on the site, such as phpinfo(). \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-24T13:03:49.000000Z"} 2025-04-24T13:03:49+00:00 https://db.gcve.eu/sighting/4d3c8ea3-9713-496a-93b0-9354190f4e97/export 2026-05-13T02:23:02.122334+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "4d3c8ea3-9713-496a-93b0-9354190f4e97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37768", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14461", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37768\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\ud83d\udccf Published: 2025-05-01T13:07:08.680Z\n\ud83d\udccf Modified: 2025-05-02T06:16:16.990Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/3cdd02cb70682d7d205ca6dc02a4d1eb76758d24\n2. https://git.kernel.org/stable/c/be0fffc4152aac4f0291ed2d793f3cfee788449d\n3. https://git.kernel.org/stable/c/5fc4fb54f6f064c25bfbbfd443aa861d3422dd4c\n4. https://git.kernel.org/stable/c/b0742a709be7979c7a480772046a1f36d09dab00\n5. https://git.kernel.org/stable/c/8e9c4f8d197d5709c75effa5d58e80b4fa01981a\n6. https://git.kernel.org/stable/c/9e4f1e21fe7b93a8ef57db433071266c2590e260\n7. https://git.kernel.org/stable/c/7c246a05df51c52fe0852ce56ba10c41e6ed1f39", "creation_timestamp": "2025-05-02T07:16:32.000000Z"} 2025-05-02T07:16:32+00:00 https://db.gcve.eu/sighting/18045761-7623-46a5-af69-6ef8d68e4a37/export 2026-05-13T02:23:02.122274+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "18045761-7623-46a5-af69-6ef8d68e4a37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37767", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14462", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37767\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\ud83d\udccf Published: 2025-05-01T13:07:07.861Z\n\ud83d\udccf Modified: 2025-05-02T06:16:15.942Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/f2904fa2b9da943db6bef7c0f8b3fb4fc14acbc4\n2. https://git.kernel.org/stable/c/8f7b5987e21e003cafac28f0e4d323e6496f83ba\n3. https://git.kernel.org/stable/c/c3ff73e3bddf1a6c30d7effe4018d12ba0cadd2e\n4. https://git.kernel.org/stable/c/fb803d4bb9ea0a61c21c4987505e4d4ae18f9fdc\n5. https://git.kernel.org/stable/c/327107bd7f052f4ee2d0c966c7ae879822f1814f\n6. https://git.kernel.org/stable/c/f23e9116ebb71b63fe9cec0dcac792aa9af30b0c", "creation_timestamp": "2025-05-02T07:16:36.000000Z"} 2025-05-02T07:16:36+00:00 https://db.gcve.eu/sighting/5079c3b1-e76f-4246-b230-f34dc315bd7e/export 2026-05-13T02:23:02.122212+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "5079c3b1-e76f-4246-b230-f34dc315bd7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37766", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14463", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37766\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\ud83d\udccf Published: 2025-05-01T13:07:07.168Z\n\ud83d\udccf Modified: 2025-05-02T06:16:14.896Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/6b9f9b998b107c7539f148a013d789ddb860c3b9\n2. https://git.kernel.org/stable/c/ce773dd844ee19a605af27f11470887e0f2044a9\n3. https://git.kernel.org/stable/c/80814924260cea431a8fc6137d11cc8cb331a10c\n4. https://git.kernel.org/stable/c/ffd688804425579a472fbd2525bedb58b1d28bd9\n5. https://git.kernel.org/stable/c/068091b796480819bf70b159f17e222ad8bea900\n6. https://git.kernel.org/stable/c/42f7b5d12c28b2a601a98d10a80c6db1fe1a2900\n7. https://git.kernel.org/stable/c/affd2241927a1e74c0aecd50c2d920dc4213c56d\n8. https://git.kernel.org/stable/c/4e3d9508c056d7e0a56b58d5c81253e2a0d22b6c", "creation_timestamp": "2025-05-02T07:16:37.000000Z"} 2025-05-02T07:16:37+00:00 https://db.gcve.eu/sighting/846b58f8-6346-4ca6-b522-f04b05f59533/export 2026-05-13T02:23:02.122158+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "846b58f8-6346-4ca6-b522-f04b05f59533", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3776", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/16782", "content": "CVE-2025-3776: Full WordPress Takeover Without Login (Critical RCE Exploit)\n\nCredit: youtube.com/@Nxploited", "creation_timestamp": "2025-05-04T01:22:00.000000Z"} 2025-05-04T01:22:00+00:00 https://db.gcve.eu/sighting/6f749204-35fc-44c7-8916-8df503747bf7/export 2026-05-13T02:23:02.122089+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "6f749204-35fc-44c7-8916-8df503747bf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37760", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14797", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-37760\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nmm/vma: add give_up_on_oom option on modify/merge, use in uffd release\n\nCurrently, if a VMA merge fails due to an OOM condition arising on commit\nmerge or a failure to duplicate anon_vma's, we report this so the caller\ncan handle it.\n\nHowever there are cases where the caller is only ostensibly trying a\nmerge, and doesn't mind if it fails due to this condition.\n\nSince we do not want to introduce an implicit assumption that we only\nactually modify VMAs after OOM conditions might arise, add a 'give up on\noom' option and make an explicit contract that, should this flag be set, we\nabsolutely will not modify any VMAs should OOM arise and just bail out.\n\nSince it'd be very unusual for a user to try to vma_modify() with this flag\nset but be specifying a range within a VMA which ends up being split (which\ncan fail due to rlimit issues, not only OOM), we add a debug warning for\nthis condition.\n\nThe motivating reason for this is uffd release - syzkaller (and Pedro\nFalcato's VERY astute analysis) found a way in which an injected fault on\nallocation, triggering an OOM condition on commit merge, would result in\nuffd code becoming confused and treating an error value as if it were a VMA\npointer.\n\nTo avoid this, we make use of this new VMG flag to ensure that this never\noccurs, utilising the fact that, should we be clearing entire VMAs, we do\nnot wish an OOM event to be reported to us.\n\nMany thanks to Pedro Falcato for his excellent analysis and Jann Horn for\nhis insightful and intelligent analysis of the situation, both of whom were\ninstrumental in this fix.\n\ud83d\udccf Published: 2025-05-01T13:07:02.617Z\n\ud83d\udccf Modified: 2025-05-04T13:07:17.678Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/b906c1ad25adce6ff35be19b65a1aa7d960fe1d7\n2. https://git.kernel.org/stable/c/c103a75c61648203d731e3b97a6fbeea4003cb15\n3. https://git.kernel.org/stable/c/41e6ddcaa0f18dda4c3fadf22533775a30d6f72f", "creation_timestamp": "2025-05-04T13:18:39.000000Z"} 2025-05-04T13:18:39+00:00 https://db.gcve.eu/sighting/36e52985-759d-4fd1-81e8-ff84f0018ec9/export 2026-05-13T02:23:02.122034+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "36e52985-759d-4fd1-81e8-ff84f0018ec9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3776", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvjlbybrsy2p", "content": "", "creation_timestamp": "2025-08-03T21:03:05.551729Z"} 2025-08-03T21:03:05.551729+00:00 https://db.gcve.eu/sighting/53ff45b0-2eb3-4e40-abb8-0d72ef8eb6c2/export 2026-05-13T02:23:02.121905+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "53ff45b0-2eb3-4e40-abb8-0d72ef8eb6c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37766", "type": "seen", "source": "https://gist.github.com/Darkcrai86/ff359fcfac284f38ca78751ddb9767e2", "content": "", "creation_timestamp": "2025-08-28T17:43:45.000000Z"} 2025-08-28T17:43:45+00:00 https://db.gcve.eu/sighting/2ff62fff-1bc4-45ba-8069-5d3389ae5b3e/export 2026-05-13T02:23:02.119498+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "2ff62fff-1bc4-45ba-8069-5d3389ae5b3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37768", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"} 2025-12-03T14:14:49.267740+00:00