https://db.gcve.eu/sightings/feedMost recent sightings.2026-05-06T05:49:40.418680+00:00Vulnerability-Lookupinfo@gcve.eupython-feedgenContains only the most 10 recent sightings.https://db.gcve.eu/sighting/a28dc8bd-5f26-417f-b1fe-4d98cffc0e42/exporta28dc8bd-5f26-417f-b1fe-4d98cffc0e422026-05-06T05:49:40.534059+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "a28dc8bd-5f26-417f-b1fe-4d98cffc0e42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37825", "type": "seen", "source": "https://t.me/cvedetector/24802", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-37825 - \"Nvidia Nvmet Out-of-Bounds Access Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2025-37825 \nPublished : May 8, 2025, 7:15 a.m. | 2\u00a0hours, 2\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnvmet: fix out-of-bounds access in nvmet_enable_port \n \nWhen trying to enable a port that has no transport configured yet, \nnvmet_enable_port() uses NVMF_TRTYPE_MAX (255) to query the transports \narray, causing an out-of-bounds access: \n \n[ 106.058694] BUG: KASAN: global-out-of-bounds in nvmet_enable_port+0x42/0x1da \n[ 106.058719] Read of size 8 at addr ffffffff89dafa58 by task ln/632 \n[...] \n[ 106.076026] nvmet: transport type 255 not supported \n \nSince commit 200adac75888, NVMF_TRTYPE_MAX is the default state as configured by \nnvmet_ports_make(). \nAvoid this by checking for NVMF_TRTYPE_MAX before proceeding. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-08T11:45:00.000000Z"}2025-05-08T11:45:00+00:00https://db.gcve.eu/sighting/2a45e28a-d2b2-4dbc-b64e-af1e6eb20e95/export2a45e28a-d2b2-4dbc-b64e-af1e6eb20e952026-05-06T05:49:40.534004+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "2a45e28a-d2b2-4dbc-b64e-af1e6eb20e95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37826", "type": "seen", "source": "https://t.me/cvedetector/24803", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-37826 - Linux Kernel UFS SCSI Null Pointer Dereference Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-37826 \nPublished : May 8, 2025, 7:15 a.m. | 2\u00a0hours, 2\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nscsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer() \n \nAdd a NULL check for the returned hwq pointer by ufshcd_mcq_req_to_hwq(). \n \nThis is similar to the fix in commit 74736103fb41 (\"scsi: ufs: core: Fix \nufshcd_abort_one racing issue\"). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-08T11:45:01.000000Z"}2025-05-08T11:45:01+00:00https://db.gcve.eu/sighting/584f0ef1-9edd-4c52-a166-c91880fd3026/export584f0ef1-9edd-4c52-a166-c91880fd30262026-05-06T05:49:40.533941+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "584f0ef1-9edd-4c52-a166-c91880fd3026", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37820", "type": "seen", "source": "https://t.me/cvedetector/24805", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-37820 - Xen-netfront NULL Pointer Dereference and Memory Leak Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-37820 \nPublished : May 8, 2025, 7:15 a.m. | 2\u00a0hours, 2\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nxen-netfront: handle NULL returned by xdp_convert_buff_to_frame() \n \nThe function xdp_convert_buff_to_frame() may return NULL if it fails \nto correctly convert the XDP buffer into an XDP frame due to memory \nconstraints, internal errors, or invalid data. Failing to check for NULL \nmay lead to a NULL pointer dereference if the result is used later in \nprocessing, potentially causing crashes, data corruption, or undefined \nbehavior. \n \nOn XDP redirect failure, the associated page must be released explicitly \nif it was previously retained via get_page(). Failing to do so may result \nin a memory leak, as the pages reference count is not decremented. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-08T11:45:05.000000Z"}2025-05-08T11:45:05+00:00https://db.gcve.eu/sighting/c544b0b3-ae46-4d5e-93fd-9b82f683ae0b/exportc544b0b3-ae46-4d5e-93fd-9b82f683ae0b2026-05-06T05:49:40.533861+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "c544b0b3-ae46-4d5e-93fd-9b82f683ae0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37827", "type": "seen", "source": "https://t.me/cvedetector/24807", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-37827 - Here is a title for the vulnerability: \"btrfs: RAID1 Profile Write Pointer Offset Mismatch NULL Pointer Dereference\"\", \n \"Content\": \"CVE ID : CVE-2025-37827 \nPublished : May 8, 2025, 7:15 a.m. | 2\u00a0hours, 2\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nbtrfs: zoned: return EIO on RAID1 block group write pointer mismatch \n \nThere was a bug report about a NULL pointer dereference in \n__btrfs_add_free_space_zoned() that ultimately happens because a \nconversion from the default metadata profile DUP to a RAID1 profile on two \ndisks. \n \nThe stack trace has the following signature: \n \n BTRFS error (device sdc): zoned: write pointer offset mismatch of zones in raid1 profile \n BUG: kernel NULL pointer dereference, address: 0000000000000058 \n #PF: supervisor read access in kernel mode \n #PF: error_code(0x0000) - not-present page \n PGD 0 P4D 0 \n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI \n RIP: 0010:__btrfs_add_free_space_zoned.isra.0+0x61/0x1a0 \n RSP: 0018:ffffa236b6f3f6d0 EFLAGS: 00010246 \n RAX: 0000000000000000 RBX: ffff96c8132f3400 RCX: 0000000000000001 \n RDX: 0000000010000000 RSI: 0000000000000000 RDI: ffff96c8132f3410 \n RBP: 0000000010000000 R08: 0000000000000003 R09: 0000000000000000 \n R10: 0000000000000000 R11: 00000000ffffffff R12: 0000000000000000 \n R13: ffff96c758f65a40 R14: 0000000000000001 R15: 000011aac0000000 \n FS: 00007fdab1cb2900(0000) GS:ffff96e60ca00000(0000) knlGS:0000000000000000 \n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 \n CR2: 0000000000000058 CR3: 00000001a05ae000 CR4: 0000000000350ef0 \n Call Trace: \n \n ? __die_body.cold+0x19/0x27 \n ? page_fault_oops+0x15c/0x2f0 \n ? exc_page_fault+0x7e/0x180 \n ? asm_exc_page_fault+0x26/0x30 \n ? __btrfs_add_free_space_zoned.isra.0+0x61/0x1a0 \n btrfs_add_free_space_async_trimmed+0x34/0x40 \n btrfs_add_new_free_space+0x107/0x120 \n btrfs_make_block_group+0x104/0x2b0 \n btrfs_create_chunk+0x977/0xf20 \n btrfs_chunk_alloc+0x174/0x510 \n ? srso_return_thunk+0x5/0x5f \n btrfs_inc_block_group_ro+0x1b1/0x230 \n btrfs_relocate_block_group+0x9e/0x410 \n btrfs_relocate_chunk+0x3f/0x130 \n btrfs_balance+0x8ac/0x12b0 \n ? srso_return_thunk+0x5/0x5f \n ? srso_return_thunk+0x5/0x5f \n ? __kmalloc_cache_noprof+0x14c/0x3e0 \n btrfs_ioctl+0x2686/0x2a80 \n ? srso_return_thunk+0x5/0x5f \n ? ioctl_has_perm.constprop.0.isra.0+0xd2/0x120 \n __x64_sys_ioctl+0x97/0xc0 \n do_syscall_64+0x82/0x160 \n ? srso_return_thunk+0x5/0x5f \n ? __memcg_slab_free_hook+0x11a/0x170 \n ? srso_return_thunk+0x5/0x5f \n ? kmem_cache_free+0x3f0/0x450 \n ? srso_return_thunk+0x5/0x5f \n ? srso_return_thunk+0x5/0x5f \n ? syscall_exit_to_user_mode+0x10/0x210 \n ? srso_return_thunk+0x5/0x5f \n ? do_syscall_64+0x8e/0x160 \n ? sysfs_emit+0xaf/0xc0 \n ? srso_return_thunk+0x5/0x5f \n ? srso_return_thunk+0x5/0x5f \n ? seq_read_iter+0x207/0x460 \n ? srso_return_thunk+0x5/0x5f \n ? vfs_read+0x29c/0x370 \n ? srso_return_thunk+0x5/0x5f \n ? srso_return_thunk+0x5/0x5f \n ? syscall_exit_to_user_mode+0x10/0x210 \n ? srso_return_thunk+0x5/0x5f \n ? do_syscall_64+0x8e/0x160 \n ? srso_return_thunk+0x5/0x5f \n ? exc_page_fault+0x7e/0x180 \n entry_SYSCALL_64_after_hwframe+0x76/0x7e \n RIP: 0033:0x7fdab1e0ca6d \n RSP: 002b:00007ffeb2b60c80 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 \n RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fdab1e0ca6d \n RDX: 00007ffeb2b60d80 RSI: 00000000c4009420 RDI: 0000000000000003 \n RBP: 00007ffeb2b60cd0 R08: 0000000000000000 R09: 0000000000000013 \n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 \n R13: 00007ffeb2b6343b R14: 00007ffeb2b60d80 R15: 0000000000000001 \n \n CR2: 0000000000000058 \n ---[ end trace 0000000000000000 ]--- \n \nThe 1st line is the most interesting here: \n \n BTRFS error (device sdc): zoned: write pointer offset mismatch of zones in raid1 profile \n \nWhen a RAID1 block-group is created and a writ[...]", "creation_timestamp": "2025-05-08T11:45:07.000000Z"}2025-05-08T11:45:07+00:00https://db.gcve.eu/sighting/b1226fb9-353b-44e7-ad43-bb8661ba1675/exportb1226fb9-353b-44e7-ad43-bb8661ba16752026-05-06T05:49:40.533801+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "b1226fb9-353b-44e7-ad43-bb8661ba1675", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37823", "type": "seen", "source": "https://t.me/cvedetector/24809", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-37823 - Linux Kernel Net-Sched HFSC Use-After-Free Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-37823 \nPublished : May 8, 2025, 7:15 a.m. | 2\u00a0hours, 2\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too \n \nSimilarly to the previous patch, we need to safe guard hfsc_dequeue() \ntoo. But for this one, we don't have a reliable reproducer. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 May 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-08T11:45:09.000000Z"}2025-05-08T11:45:09+00:00https://db.gcve.eu/sighting/b869bfbf-71cf-4eab-a4fb-9f68ee253e52/exportb869bfbf-71cf-4eab-a4fb-9f68ee253e522026-05-06T05:49:40.533750+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "b869bfbf-71cf-4eab-a4fb-9f68ee253e52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37823", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114473653498479043", "content": "", "creation_timestamp": "2025-05-08T18:35:33.067803Z"}2025-05-08T18:35:33.067803+00:00https://db.gcve.eu/sighting/7ad39980-b67c-4c39-8d5a-bdad36a753e7/export7ad39980-b67c-4c39-8d5a-bdad36a753e72026-05-06T05:49:40.533699+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "7ad39980-b67c-4c39-8d5a-bdad36a753e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37822", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0291/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}2026-03-13T00:00:00+00:00https://db.gcve.eu/sighting/643cbd6d-99c9-4350-9b25-73ca387f12f3/export643cbd6d-99c9-4350-9b25-73ca387f12f32026-05-06T05:49:40.533640+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "643cbd6d-99c9-4350-9b25-73ca387f12f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37822", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260316", "content": "", "creation_timestamp": "2026-03-16T03:00:00.000000Z"}2026-03-16T03:00:00+00:00https://db.gcve.eu/sighting/ddbc7f52-492f-4915-8289-e63b2245f6aa/exportddbc7f52-492f-4915-8289-e63b2245f6aa2026-05-06T05:49:40.533564+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "ddbc7f52-492f-4915-8289-e63b2245f6aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37822", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}2026-03-19T00:00:00+00:00https://db.gcve.eu/sighting/93973e4a-3255-486c-825f-bddff1c56311/export93973e4a-3255-486c-825f-bddff1c563112026-05-06T05:49:40.532183+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "93973e4a-3255-486c-825f-bddff1c56311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-37820", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}2026-03-19T00:00:00+00:00