https://db.gcve.eu/sightings/feedMost recent sightings.2026-05-20T22:38:50.580574+00:00Vulnerability-Lookupinfo@gcve.eupython-feedgenContains only the most 10 recent sightings.https://db.gcve.eu/sighting/babe0dd0-1962-4834-b0d8-973163a05957/exportbabe0dd0-1962-4834-b0d8-973163a059572026-05-20T22:38:50.988434+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "babe0dd0-1962-4834-b0d8-973163a05957", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2607", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8439", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2607\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in phplaozhang LzCMS-LaoZhangBoKeXiTong up to 1.1.4. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/upload/upimage.html of the component HTTP POST Request Handler. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-21T21:00:10.948Z\n\ud83d\udccf Modified: 2025-03-21T21:00:10.948Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.300590\n2. https://vuldb.com/?ctiid.300590\n3. https://vuldb.com/?submit.518021\n4. https://github.com/Jingyi-u/lzcms/tree/main", "creation_timestamp": "2025-03-21T21:21:56.000000Z"}2025-03-21T21:21:56+00:00https://db.gcve.eu/sighting/e9122ee2-6541-40e3-b09c-f855f76249c8/exporte9122ee2-6541-40e3-b09c-f855f76249c82026-05-20T22:38:50.988368+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "e9122ee2-6541-40e3-b09c-f855f76249c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2607", "type": "seen", "source": "https://t.me/cvedetector/20844", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2607 - LzCMS-LaoZhangBoKeXiTong Unrestricted File Upload Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2607 \nPublished : March 21, 2025, 9:15 p.m. | 1\u00a0hour, 37\u00a0minutes ago \nDescription : A vulnerability was found in phplaozhang LzCMS-LaoZhangBoKeXiTong up to 1.1.4. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/upload/upimage.html of the component HTTP POST Request Handler. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-22T00:20:16.000000Z"}2025-03-22T00:20:16+00:00https://db.gcve.eu/sighting/4b4e15b4-f329-4664-97b1-dbc8acb4d95e/export4b4e15b4-f329-4664-97b1-dbc8acb4d95e2026-05-20T22:38:50.988300+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "4b4e15b4-f329-4664-97b1-dbc8acb4d95e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26074", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19946", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26074\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary OS commands through unrestricted access to Java classes.\n\ud83d\udccf Published: 2025-06-30T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-30T16:45:02.565Z\n\ud83d\udd17 References:\n1. https://github.com/conductor-oss/conductor\n2. https://github.com/conductor-oss/conductor/blob/main/core/src/main/java/com/netflix/conductor/core/events/ScriptEvaluator.java\n3. https://medium.com/@mrcnry/cve-2025-26074-remote-code-execution-in-conductor-oss-via-inline-javascript-injection-5ce3cb651cfb", "creation_timestamp": "2025-06-30T17:07:32.000000Z"}2025-06-30T17:07:32+00:00https://db.gcve.eu/sighting/7226cdfe-6361-45ad-98d1-156797ab272b/export7226cdfe-6361-45ad-98d1-156797ab272b2026-05-20T22:38:50.988244+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "7226cdfe-6361-45ad-98d1-156797ab272b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-26074", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114774041391786813", "content": "", "creation_timestamp": "2025-06-30T19:48:08.214429Z"}2025-06-30T19:48:08.214429+00:00https://db.gcve.eu/sighting/eff6e019-9d6e-4500-8795-74c45f92690a/exporteff6e019-9d6e-4500-8795-74c45f92690a2026-05-20T22:38:50.988175+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "eff6e019-9d6e-4500-8795-74c45f92690a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26074", "type": "seen", "source": "https://bsky.app/profile/checkmarxzero.bsky.social/post/3lu3nn47qhs2d", "content": "", "creation_timestamp": "2025-07-16T14:42:16.959144Z"}2025-07-16T14:42:16.959144+00:00https://db.gcve.eu/sighting/f18120a6-14b9-4552-aa30-84443a7a604b/exportf18120a6-14b9-4552-aa30-84443a7a604b2026-05-20T22:38:50.988086+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "f18120a6-14b9-4552-aa30-84443a7a604b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2607", "type": "seen", "source": "MISP/3e4b778d-5810-4171-a915-f1d106684af4", "content": "", "creation_timestamp": "2025-08-11T18:27:48.000000Z"}2025-08-11T18:27:48+00:00https://db.gcve.eu/sighting/288155a4-6a36-4b74-8d6f-6d092d441cd5/export288155a4-6a36-4b74-8d6f-6d092d441cd52026-05-20T22:38:50.986235+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "288155a4-6a36-4b74-8d6f-6d092d441cd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-26074", "type": "seen", "source": "https://gist.github.com/alon710/c85765ce27b6517378a7751dbbdc300f", "content": "", "creation_timestamp": "2026-01-24T21:32:21.000000Z"}2026-01-24T21:32:21+00:00