https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 26 May 2026 02:37:46 +0000 https://db.gcve.eu/sighting/7c59d9d3-54da-4e1f-b4c1-1e00c2afda0f/export {"uuid": "7c59d9d3-54da-4e1f-b4c1-1e00c2afda0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-21268", "type": "seen", "source": "https://t.me/cibsecurity/13061", "content": "ATENTION\u203c New - CVE-2018-21268\n\nThe traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command can be placed after a newline character.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-25T20:55:30.000000Z"} {"uuid": "7c59d9d3-54da-4e1f-b4c1-1e00c2afda0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-21268", "type": "seen", "source": "https://t.me/cibsecurity/13061", "content": "ATENTION\u203c New - CVE-2018-21268\n\nThe traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command can be placed after a newline character.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-25T20:55:30.000000Z"} https://db.gcve.eu/sighting/7c59d9d3-54da-4e1f-b4c1-1e00c2afda0f/export Thu, 25 Jun 2020 20:55:30 +0000 https://db.gcve.eu/sighting/3a06c040-e8ef-4662-bc6a-71e3e7cf2b78/export {"uuid": "3a06c040-e8ef-4662-bc6a-71e3e7cf2b78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-21268", "type": "seen", "source": "https://t.me/cibsecurity/13165", "content": "ATENTION\u203c New - CVE-2018-21268\n\nThe traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command can be placed after a newline character.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-01T11:55:36.000000Z"} {"uuid": "3a06c040-e8ef-4662-bc6a-71e3e7cf2b78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-21268", "type": "seen", "source": "https://t.me/cibsecurity/13165", "content": "ATENTION\u203c New - CVE-2018-21268\n\nThe traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command can be placed after a newline character.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-01T11:55:36.000000Z"} https://db.gcve.eu/sighting/3a06c040-e8ef-4662-bc6a-71e3e7cf2b78/export Wed, 01 Jul 2020 11:55:36 +0000 https://db.gcve.eu/sighting/4154f6d5-89ad-499d-b0a2-d62a70a1b26c/export {"uuid": "4154f6d5-89ad-499d-b0a2-d62a70a1b26c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-21268", "type": "seen", "source": "https://t.me/cibsecurity/13176", "content": "ATENTION\u203c New - CVE-2018-21268\n\nThe traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command can be placed after a newline character.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-01T14:55:31.000000Z"} {"uuid": "4154f6d5-89ad-499d-b0a2-d62a70a1b26c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-21268", "type": "seen", "source": "https://t.me/cibsecurity/13176", "content": "ATENTION\u203c New - CVE-2018-21268\n\nThe traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command can be placed after a newline character.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-01T14:55:31.000000Z"} https://db.gcve.eu/sighting/4154f6d5-89ad-499d-b0a2-d62a70a1b26c/export Wed, 01 Jul 2020 14:55:31 +0000