https://db.gcve.eu/sightings/feedMost recent sightings.2026-06-17T23:16:28.715105+00:00Vulnerability-Lookupinfo@gcve.eupython-feedgenContains only the most 10 recent sightings.https://db.gcve.eu/sighting/1f537bec-d241-48ff-a059-e029098a716c/export1f537bec-d241-48ff-a059-e029098a716c2026-06-17T23:16:29.126564+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "1f537bec-d241-48ff-a059-e029098a716c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-223J-4RM8-MRMF", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10140", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30218\n\ud83d\udd25 CVSS Score: 1.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U)\n\ud83d\udd39 Description: Next.js is a React framework for building full-stack web applications. To mitigate CVE-2025-29927, Next.js validated the x-middleware-subrequest-id which persisted across multiple incoming requests. However, this subrequest ID is sent to all requests, even if the destination is not the same host as the Next.js application. Initiating a fetch request to a third-party within Middleware will send the x-middleware-subrequest-id to that third party. This vulnerability is fixed in 12.3.6, 13.5.10, 14.2.26, and 15.2.4.\n\ud83d\udccf Published: 2025-04-02T21:23:14.660Z\n\ud83d\udccf Modified: 2025-04-02T21:23:14.660Z\n\ud83d\udd17 References:\n1. https://github.com/vercel/next.js/security/advisories/GHSA-223j-4rm8-mrmf\n2. https://vercel.com/changelog/cve-2025-30218-5DREmEH765PoeAsrNNQj3O", "creation_timestamp": "2025-04-02T21:34:07.000000Z"}2025-04-02T21:34:07+00:00https://db.gcve.eu/sighting/2431a814-0442-4313-a098-dc05303f6f77/export2431a814-0442-4313-a098-dc05303f6f772026-06-17T23:16:29.126406+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "2431a814-0442-4313-a098-dc05303f6f77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-223j-4rm8-mrmf", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114270672120502866", "content": "", "creation_timestamp": "2025-04-02T22:14:42.879371Z"}2025-04-02T22:14:42.879371+00:00https://db.gcve.eu/sighting/6366d888-64f9-48d2-858c-31bf6f968a75/export6366d888-64f9-48d2-858c-31bf6f968a752026-06-17T23:16:29.124975+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "6366d888-64f9-48d2-858c-31bf6f968a75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-223j-4rm8-mrmf", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114270672120502866", "content": "", "creation_timestamp": "2025-04-02T22:14:42.882260Z"}2025-04-02T22:14:42.882260+00:00