https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 08 Jun 2026 18:48:40 +0000 https://db.gcve.eu/sighting/91f2a274-dd91-4e5a-a46c-8a2387ade7d9/export {"uuid": "91f2a274-dd91-4e5a-a46c-8a2387ade7d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52298", "type": "seen", "source": "https://t.me/cvedetector/10840", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-52298 - (XWiki) PDF Viewer Delegate Input Validation Bypass Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-52298 \nPublished : Nov. 13, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The PDF Viewer macro allows an attacker to view any attachment using the \"Delegate my view right\" feature as long as the attacker can view a page whose last author has access to the attachment. For this, the attacker only needs to provide the reference to a PDF file to the macro. To obtain the reference of the desired attachment, the attacker can access the Page Index, Attachments tab. Even if the UI shows N/A, the user can inspect the page and check the HTTP request that fetches the live data entries. The attachment URL is available in the returned JSON for all attachments, including protected ones and allows getting the necessary values. This vulnerability is fixed in version 2.5.6. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"13 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T18:04:04.000000Z"} {"uuid": "91f2a274-dd91-4e5a-a46c-8a2387ade7d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52298", "type": "seen", "source": "https://t.me/cvedetector/10840", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-52298 - (XWiki) PDF Viewer Delegate Input Validation Bypass Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-52298 \nPublished : Nov. 13, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The PDF Viewer macro allows an attacker to view any attachment using the \"Delegate my view right\" feature as long as the attacker can view a page whose last author has access to the attachment. For this, the attacker only needs to provide the reference to a PDF file to the macro. To obtain the reference of the desired attachment, the attacker can access the Page Index, Attachments tab. Even if the UI shows N/A, the user can inspect the page and check the HTTP request that fetches the live data entries. The attachment URL is available in the returned JSON for all attachments, including protected ones and allows getting the necessary values. This vulnerability is fixed in version 2.5.6. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"13 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T18:04:04.000000Z"} https://db.gcve.eu/sighting/91f2a274-dd91-4e5a-a46c-8a2387ade7d9/export Wed, 13 Nov 2024 18:04:04 +0000 https://db.gcve.eu/sighting/38d8a8fa-f55a-4c86-a8a0-66901a3072a9/export {"uuid": "38d8a8fa-f55a-4c86-a8a0-66901a3072a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52299", "type": "seen", "source": "https://t.me/cvedetector/10841", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-52299 - XWiki macro-pdfviewer Authenticated Arbitrary File Read\", \n \"Content\": \"CVE ID : CVE-2024-52299 \nPublished : Nov. 13, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. Any user with view right on XWiki.PDFViewerService can access any attachment stored in the wiki as the \"key\" that is passed to prevent this is computed incorrectly, calling skip on the digest stream doesn't update the digest. This is fixed in 2.5.6. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"13 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T18:04:05.000000Z"} {"uuid": "38d8a8fa-f55a-4c86-a8a0-66901a3072a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52299", "type": "seen", "source": "https://t.me/cvedetector/10841", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-52299 - XWiki macro-pdfviewer Authenticated Arbitrary File Read\", \n \"Content\": \"CVE ID : CVE-2024-52299 \nPublished : Nov. 13, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. Any user with view right on XWiki.PDFViewerService can access any attachment stored in the wiki as the \"key\" that is passed to prevent this is computed incorrectly, calling skip on the digest stream doesn't update the digest. This is fixed in 2.5.6. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"13 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T18:04:05.000000Z"} https://db.gcve.eu/sighting/38d8a8fa-f55a-4c86-a8a0-66901a3072a9/export Wed, 13 Nov 2024 18:04:05 +0000 https://db.gcve.eu/sighting/ef25ab2f-8d68-496f-8e90-bf45212e3232/export {"uuid": "ef25ab2f-8d68-496f-8e90-bf45212e3232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52291", "type": "seen", "source": "https://t.me/cvedetector/10846", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-52291 - CraftCMS File System Bypass Vulnerability (RCE/SSIT)\", \n \"Content\": \"CVE ID : CVE-2024-52291 \nPublished : Nov. 13, 2024, 5:15 p.m. | 38\u00a0minutes ago \nDescription : Craft is a content management system (CMS). A vulnerability in CraftCMS allows an attacker to bypass local file system validation by utilizing a double file:// scheme (e.g., file://file:////). This enables the attacker to specify sensitive folders as the file system, leading to potential file overwriting through malicious uploads, unauthorized access to sensitive files, and, under certain conditions, remote code execution (RCE) via Server-Side Template Injection (SSTI) payloads. Note that this will only work if you have an authenticated administrator account with allowAdminChanges enabled. This is fixed in 5.4.6 and 4.12.5. \nSeverity: 8.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"13 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T18:54:19.000000Z"} {"uuid": "ef25ab2f-8d68-496f-8e90-bf45212e3232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52291", "type": "seen", "source": "https://t.me/cvedetector/10846", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-52291 - CraftCMS File System Bypass Vulnerability (RCE/SSIT)\", \n \"Content\": \"CVE ID : CVE-2024-52291 \nPublished : Nov. 13, 2024, 5:15 p.m. | 38\u00a0minutes ago \nDescription : Craft is a content management system (CMS). A vulnerability in CraftCMS allows an attacker to bypass local file system validation by utilizing a double file:// scheme (e.g., file://file:////). This enables the attacker to specify sensitive folders as the file system, leading to potential file overwriting through malicious uploads, unauthorized access to sensitive files, and, under certain conditions, remote code execution (RCE) via Server-Side Template Injection (SSTI) payloads. Note that this will only work if you have an authenticated administrator account with allowAdminChanges enabled. This is fixed in 5.4.6 and 4.12.5. \nSeverity: 8.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"13 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T18:54:19.000000Z"} https://db.gcve.eu/sighting/ef25ab2f-8d68-496f-8e90-bf45212e3232/export Wed, 13 Nov 2024 18:54:19 +0000 https://db.gcve.eu/sighting/b939c96e-7d90-4132-88a3-852e91e7904c/export {"uuid": "b939c96e-7d90-4132-88a3-852e91e7904c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52292", "type": "seen", "source": "https://t.me/cvedetector/10848", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-52292 - Craft CMS File Exfiltration Remote Code Execution\", \n \"Content\": \"CVE ID : CVE-2024-52292 \nPublished : Nov. 13, 2024, 5:15 p.m. | 38\u00a0minutes ago \nDescription : Craft is a content management system (CMS). The dataUrl function can be exploited if an attacker has write permissions on system notification templates. This function accepts an absolute file path, reads the file's content, and converts it into a Base64-encoded string. By embedding this function within a system notification template, the attacker can exfiltrate the Base64-encoded file content through a triggered system email notification. Once the email is received, the Base64 payload can be decoded, allowing the attacker to read arbitrary files on the server. This is fixed in 5.4.9 and 4.12.8. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"13 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T18:54:21.000000Z"} {"uuid": "b939c96e-7d90-4132-88a3-852e91e7904c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52292", "type": "seen", "source": "https://t.me/cvedetector/10848", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-52292 - Craft CMS File Exfiltration Remote Code Execution\", \n \"Content\": \"CVE ID : CVE-2024-52292 \nPublished : Nov. 13, 2024, 5:15 p.m. | 38\u00a0minutes ago \nDescription : Craft is a content management system (CMS). The dataUrl function can be exploited if an attacker has write permissions on system notification templates. This function accepts an absolute file path, reads the file's content, and converts it into a Base64-encoded string. By embedding this function within a system notification template, the attacker can exfiltrate the Base64-encoded file content through a triggered system email notification. Once the email is received, the Base64 payload can be decoded, allowing the attacker to read arbitrary files on the server. This is fixed in 5.4.9 and 4.12.8. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"13 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T18:54:21.000000Z"} https://db.gcve.eu/sighting/b939c96e-7d90-4132-88a3-852e91e7904c/export Wed, 13 Nov 2024 18:54:21 +0000 https://db.gcve.eu/sighting/eabf6b62-8324-4472-9916-fa0540eeb94a/export {"uuid": "eabf6b62-8324-4472-9916-fa0540eeb94a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52294", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113742682794610427", "content": "", "creation_timestamp": "2024-12-30T16:20:04.656733Z"} {"uuid": "eabf6b62-8324-4472-9916-fa0540eeb94a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52294", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113742682794610427", "content": "", "creation_timestamp": "2024-12-30T16:20:04.656733Z"} https://db.gcve.eu/sighting/eabf6b62-8324-4472-9916-fa0540eeb94a/export Mon, 30 Dec 2024 16:20:04 +0000 https://db.gcve.eu/sighting/2062b80d-4bb7-4095-ac7b-99b187f56858/export {"uuid": "2062b80d-4bb7-4095-ac7b-99b187f56858", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52294", "type": "seen", "source": "https://t.me/cvedetector/13938", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-52294 - Khoj Stripe Subscription IDOR\", \n \"Content\": \"CVE ID : CVE-2024-52294 \nPublished : Dec. 30, 2024, 5:15 p.m. | 44\u00a0minutes ago \nDescription : Khoj is a self-hostable artificial intelligence app. Prior to version 1.29.10, an Insecure Direct Object Reference (IDOR) vulnerability in the update_subscription endpoint allows any authenticated user to manipulate other users' Stripe subscriptions by simply modifying the email parameter in the request. The vulnerability exists in the subscription endpoint at `/api/subscription`. The endpoint uses an email parameter as a direct reference to user subscriptions without verifying object ownership. While authentication is required, there is no authorization check to verify if the authenticated user owns the referenced subscription. The issue was fixed in version 1.29.10. Support for arbitrarily presenting an email for update has been deprecated. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"30 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-30T19:18:31.000000Z"} {"uuid": "2062b80d-4bb7-4095-ac7b-99b187f56858", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52294", "type": "seen", "source": "https://t.me/cvedetector/13938", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-52294 - Khoj Stripe Subscription IDOR\", \n \"Content\": \"CVE ID : CVE-2024-52294 \nPublished : Dec. 30, 2024, 5:15 p.m. | 44\u00a0minutes ago \nDescription : Khoj is a self-hostable artificial intelligence app. Prior to version 1.29.10, an Insecure Direct Object Reference (IDOR) vulnerability in the update_subscription endpoint allows any authenticated user to manipulate other users' Stripe subscriptions by simply modifying the email parameter in the request. The vulnerability exists in the subscription endpoint at `/api/subscription`. The endpoint uses an email parameter as a direct reference to user subscriptions without verifying object ownership. While authentication is required, there is no authorization check to verify if the authenticated user owns the referenced subscription. The issue was fixed in version 1.29.10. Support for arbitrarily presenting an email for update has been deprecated. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"30 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-30T19:18:31.000000Z"} https://db.gcve.eu/sighting/2062b80d-4bb7-4095-ac7b-99b187f56858/export Mon, 30 Dec 2024 19:18:31 +0000 https://db.gcve.eu/sighting/ad263735-9a66-4204-9a61-de359cf427a8/export {"uuid": "ad263735-9a66-4204-9a61-de359cf427a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52295", "type": "seen", "source": "Telegram/F6v8N7bpQDw3aVfs4w9Tsg2vnAQ1M-kjylJj4l5D-5CK84Xg", "content": "", "creation_timestamp": "2025-02-20T23:26:55.000000Z"} {"uuid": "ad263735-9a66-4204-9a61-de359cf427a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52295", "type": "seen", "source": "Telegram/F6v8N7bpQDw3aVfs4w9Tsg2vnAQ1M-kjylJj4l5D-5CK84Xg", "content": "", "creation_timestamp": "2025-02-20T23:26:55.000000Z"} https://db.gcve.eu/sighting/ad263735-9a66-4204-9a61-de359cf427a8/export Thu, 20 Feb 2025 23:26:55 +0000 https://db.gcve.eu/sighting/4f8677c2-eda7-4437-9abd-83b63ada5ace/export {"uuid": "4f8677c2-eda7-4437-9abd-83b63ada5ace", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52290", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16291", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52290\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N)\n\ud83d\udd39 Description: LF Edge eKuiper is a lightweight internet of things (IoT) data analytics and stream processing engine. Prior to version 2.1.0 user with rights to modificate the service (e.g. kuiperUser role) can inject a cross-site scripting payload into Connection Configuration key `Name` (`confKey`) parameter. After this setup, when any user with access to this service (e.g. admin) tries to delete this key, a payload acts in the victim's browser. Version 2.1.0 fixes the issue.\n\ud83d\udccf Published: 2025-05-14T07:19:50.045Z\n\ud83d\udccf Modified: 2025-05-14T07:19:50.045Z\n\ud83d\udd17 References:\n1. https://github.com/lf-edge/ekuiper/security/advisories/GHSA-9cwv-pxcr-hfjc", "creation_timestamp": "2025-05-14T07:30:58.000000Z"} {"uuid": "4f8677c2-eda7-4437-9abd-83b63ada5ace", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52290", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16291", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52290\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N)\n\ud83d\udd39 Description: LF Edge eKuiper is a lightweight internet of things (IoT) data analytics and stream processing engine. Prior to version 2.1.0 user with rights to modificate the service (e.g. kuiperUser role) can inject a cross-site scripting payload into Connection Configuration key `Name` (`confKey`) parameter. After this setup, when any user with access to this service (e.g. admin) tries to delete this key, a payload acts in the victim's browser. Version 2.1.0 fixes the issue.\n\ud83d\udccf Published: 2025-05-14T07:19:50.045Z\n\ud83d\udccf Modified: 2025-05-14T07:19:50.045Z\n\ud83d\udd17 References:\n1. https://github.com/lf-edge/ekuiper/security/advisories/GHSA-9cwv-pxcr-hfjc", "creation_timestamp": "2025-05-14T07:30:58.000000Z"} https://db.gcve.eu/sighting/4f8677c2-eda7-4437-9abd-83b63ada5ace/export Wed, 14 May 2025 07:30:58 +0000 https://db.gcve.eu/sighting/ad4fc507-c188-430a-b53e-bb8611e04642/export {"uuid": "ad4fc507-c188-430a-b53e-bb8611e04642", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52290", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp4j7yr5xgc2", "content": "", "creation_timestamp": "2025-05-14T07:52:10.922096Z"} {"uuid": "ad4fc507-c188-430a-b53e-bb8611e04642", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52290", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp4j7yr5xgc2", "content": "", "creation_timestamp": "2025-05-14T07:52:10.922096Z"} https://db.gcve.eu/sighting/ad4fc507-c188-430a-b53e-bb8611e04642/export Wed, 14 May 2025 07:52:10 +0000 https://db.gcve.eu/sighting/9a4980d4-ce84-4b2e-876d-7fbe1b1efe64/export {"uuid": "9a4980d4-ce84-4b2e-876d-7fbe1b1efe64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52290", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp4o4ptkwz24", "content": "", "creation_timestamp": "2025-05-14T09:17:41.788843Z"} {"uuid": "9a4980d4-ce84-4b2e-876d-7fbe1b1efe64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52290", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp4o4ptkwz24", "content": "", "creation_timestamp": "2025-05-14T09:17:41.788843Z"} https://db.gcve.eu/sighting/9a4980d4-ce84-4b2e-876d-7fbe1b1efe64/export Wed, 14 May 2025 09:17:41 +0000