https://db.gcve.eu/sightings/feed 2026-05-20T06:41:57.096436+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/34584f44-f8ca-4433-8d43-bdfa712b3b3a/export 2026-05-20T06:41:57.242245+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "34584f44-f8ca-4433-8d43-bdfa712b3b3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44843", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/24259", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-44843 - TOTOLINK CA600 PoC Command Injection\", \n \"Content\": \"CVE ID : CVE-2025-44843 \nPublished : May 1, 2025, 5:15 p.m. | 1\u00a0hour, 14\u00a0minutes ago \nDescription : TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"01 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T20:42:00.000000Z"} 2025-05-01T20:42:00+00:00 https://db.gcve.eu/sighting/3b676101-81b7-464d-b6f4-92be6e7abb64/export 2026-05-20T06:41:57.242194+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "3b676101-81b7-464d-b6f4-92be6e7abb64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44844", "type": "seen", "source": "https://t.me/cvedetector/24260", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-44844 - TOTOLINK CA600-PoE Remote Command Injection\", \n \"Content\": \"CVE ID : CVE-2025-44844 \nPublished : May 1, 2025, 5:15 p.m. | 1\u00a0hour, 14\u00a0minutes ago \nDescription : TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the setUpgradeFW function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"01 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T20:42:01.000000Z"} 2025-05-01T20:42:01+00:00 https://db.gcve.eu/sighting/d59b0bc6-7b5b-452f-bb75-abbaa6ff2908/export 2026-05-20T06:41:57.242137+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "d59b0bc6-7b5b-452f-bb75-abbaa6ff2908", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44845", "type": "seen", "source": "https://t.me/cvedetector/24261", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-44845 - TOTOLINK CA600 Command Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-44845 \nPublished : May 1, 2025, 5:15 p.m. | 1\u00a0hour, 14\u00a0minutes ago \nDescription : TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"01 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T20:42:02.000000Z"} 2025-05-01T20:42:02+00:00 https://db.gcve.eu/sighting/245572e4-7ab4-41db-afae-b0e47a01d824/export 2026-05-20T06:41:57.242083+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "245572e4-7ab4-41db-afae-b0e47a01d824", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44846", "type": "seen", "source": "https://t.me/cvedetector/24262", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-44846 - Totolink CA600-PoE Command Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-44846 \nPublished : May 1, 2025, 5:15 p.m. | 1\u00a0hour, 14\u00a0minutes ago \nDescription : TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the recvUpgradeNewFw function via the fwUrl parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"01 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T20:42:06.000000Z"} 2025-05-01T20:42:06+00:00 https://db.gcve.eu/sighting/e71eec62-7e3a-4e62-96f9-966b5b91787b/export 2026-05-20T06:41:57.242028+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "e71eec62-7e3a-4e62-96f9-966b5b91787b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4484", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15813", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4484\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, was found in itsourcecode Gym Management System 1.0. This affects an unknown part of the file /ajax.php?action=delete_user. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-09T19:00:05.899Z\n\ud83d\udccf Modified: 2025-05-09T19:17:28.637Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.308199\n2. https://vuldb.com/?ctiid.308199\n3. https://vuldb.com/?submit.566779\n4. https://github.com/wyl091256/CVE/issues/4\n5. https://itsourcecode.com/", "creation_timestamp": "2025-05-09T19:26:07.000000Z"} 2025-05-09T19:26:07+00:00 https://db.gcve.eu/sighting/e30859f4-fbc2-4e52-99a7-0db5e6f4b5c6/export 2026-05-20T06:41:57.241977+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "e30859f4-fbc2-4e52-99a7-0db5e6f4b5c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4484", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lor7jacnahs2", "content": "", "creation_timestamp": "2025-05-09T22:01:56.026399Z"} 2025-05-09T22:01:56.026399+00:00 https://db.gcve.eu/sighting/12cfbd4c-9573-483d-be13-49d14b084c68/export 2026-05-20T06:41:57.241927+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "12cfbd4c-9573-483d-be13-49d14b084c68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4484", "type": "published-proof-of-concept", "source": "Telegram/-FSytdz-B3MQuFO8RZfSO4jPAWx-8JuShz-w-b65AWDPvJk", "content": "", "creation_timestamp": "2025-05-09T22:30:58.000000Z"} 2025-05-09T22:30:58+00:00 https://db.gcve.eu/sighting/b29b187e-9063-4dff-af2a-de9ec057e37b/export 2026-05-20T06:41:57.241873+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "b29b187e-9063-4dff-af2a-de9ec057e37b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4484", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lori7bzszc2l", "content": "", "creation_timestamp": "2025-05-09T22:32:29.541509Z"} 2025-05-09T22:32:29.541509+00:00 https://db.gcve.eu/sighting/d8121719-9c91-428a-8b91-fa0c4c6b05ae/export 2026-05-20T06:41:57.241794+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "d8121719-9c91-428a-8b91-fa0c4c6b05ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4484", "type": "seen", "source": "https://t.me/cvedetector/24974", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-4484 - iSourcecode Gym Management System SQL Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-4484 \nPublished : May 9, 2025, 7:16 p.m. | 59\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, was found in itsourcecode Gym Management System 1.0. This affects an unknown part of the file /ajax.php?action=delete_user. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-09T22:54:05.000000Z"} 2025-05-09T22:54:05+00:00 https://db.gcve.eu/sighting/2f6e1585-4b16-4235-9604-6e7b3cc9a5aa/export 2026-05-20T06:41:57.239826+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "2f6e1585-4b16-4235-9604-6e7b3cc9a5aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-44846", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mdj6cdgh7r2i", "content": "", "creation_timestamp": "2026-01-28T21:03:06.391584Z"} 2026-01-28T21:03:06.391584+00:00