Most recent sightings.

Most recent sightings. https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 05 Jun 2026 13:28:04 +0000 f5826629-e9e3-473a-a48d-5a3f01ca335c https://db.gcve.eu/sighting/f5826629-e9e3-473a-a48d-5a3f01ca335c/export {"uuid": "f5826629-e9e3-473a-a48d-5a3f01ca335c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55563", "type": "seen", "source": "https://t.me/cvedetector/12341", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-55563 - Bitcoin Core Transaction Relay Jamming Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-55563 \nPublished : Dec. 9, 2024, 1:15 a.m. | 1\u00a0hour, 8\u00a0minutes ago \nDescription : Bitcoin Core through 27.2 allows transaction-relay jamming via an off-chain protocol attack, a related issue to CVE-2024-52913. For example, the outcome of an HTLC (Hashed Timelock Contract) can be changed because a flood of transaction traffic prevents propagation of certain Lightning channel transactions. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T03:49:17.000000Z"} {"uuid": "f5826629-e9e3-473a-a48d-5a3f01ca335c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55563", "type": "seen", "source": "https://t.me/cvedetector/12341", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-55563 - Bitcoin Core Transaction Relay Jamming Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-55563 \nPublished : Dec. 9, 2024, 1:15 a.m. | 1\u00a0hour, 8\u00a0minutes ago \nDescription : Bitcoin Core through 27.2 allows transaction-relay jamming via an off-chain protocol attack, a related issue to CVE-2024-52913. For example, the outcome of an HTLC (Hashed Timelock Contract) can be changed because a flood of transaction traffic prevents propagation of certain Lightning channel transactions. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T03:49:17.000000Z"} https://db.gcve.eu/sighting/f5826629-e9e3-473a-a48d-5a3f01ca335c/export Mon, 09 Dec 2024 03:49:17 +0000 4e803854-5b45-4aa0-b6ac-7162d90317c5 https://db.gcve.eu/sighting/4e803854-5b45-4aa0-b6ac-7162d90317c5/export {"uuid": "4e803854-5b45-4aa0-b6ac-7162d90317c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55565", "type": "seen", "source": "https://t.me/cvedetector/12343", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-55565 - Nanoid Before Integer Value Handling\", \n \"Content\": \"CVE ID : CVE-2024-55565 \nPublished : Dec. 9, 2024, 2:15 a.m. | 27\u00a0minutes ago \nDescription : nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T03:49:18.000000Z"} {"uuid": "4e803854-5b45-4aa0-b6ac-7162d90317c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55565", "type": "seen", "source": "https://t.me/cvedetector/12343", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-55565 - Nanoid Before Integer Value Handling\", \n \"Content\": \"CVE ID : CVE-2024-55565 \nPublished : Dec. 9, 2024, 2:15 a.m. | 27\u00a0minutes ago \nDescription : nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T03:49:18.000000Z"} https://db.gcve.eu/sighting/4e803854-5b45-4aa0-b6ac-7162d90317c5/export Mon, 09 Dec 2024 03:49:18 +0000 734f150f-2746-44e9-b531-96b7bc704965 https://db.gcve.eu/sighting/734f150f-2746-44e9-b531-96b7bc704965/export {"uuid": "734f150f-2746-44e9-b531-96b7bc704965", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55564", "type": "seen", "source": "https://t.me/cvedetector/12345", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-55564 - \"PHPosexy Execve Buffer Overflow\"\", \n \"Content\": \"CVE ID : CVE-2024-55564 \nPublished : Dec. 9, 2024, 2:15 a.m. | 27\u00a0minutes ago \nDescription : The POSIX::2008 package before 0.24 for Perl has a potential _execve50c env buffer overflow. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T03:49:22.000000Z"} {"uuid": "734f150f-2746-44e9-b531-96b7bc704965", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55564", "type": "seen", "source": "https://t.me/cvedetector/12345", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-55564 - \"PHPosexy Execve Buffer Overflow\"\", \n \"Content\": \"CVE ID : CVE-2024-55564 \nPublished : Dec. 9, 2024, 2:15 a.m. | 27\u00a0minutes ago \nDescription : The POSIX::2008 package before 0.24 for Perl has a potential _execve50c env buffer overflow. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T03:49:22.000000Z"} https://db.gcve.eu/sighting/734f150f-2746-44e9-b531-96b7bc704965/export Mon, 09 Dec 2024 03:49:22 +0000 bb6dc714-2a01-4380-b2aa-1d1209acee55 https://db.gcve.eu/sighting/bb6dc714-2a01-4380-b2aa-1d1209acee55/export {"uuid": "bb6dc714-2a01-4380-b2aa-1d1209acee55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55566", "type": "seen", "source": "https://t.me/cvedetector/12346", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-55566 - ColPack Temporary File Overwrite Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-55566 \nPublished : Dec. 9, 2024, 2:15 a.m. | 27\u00a0minutes ago \nDescription : ColPack 1.0.10 through 9a7293a has a predictable temporary file (located under /tmp with a name derived from an unseeded RNG). The impact can be overwriting files or making ColPack graphing unavailable to other users. \nSeverity: 6.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T03:49:23.000000Z"} {"uuid": "bb6dc714-2a01-4380-b2aa-1d1209acee55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55566", "type": "seen", "source": "https://t.me/cvedetector/12346", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-55566 - ColPack Temporary File Overwrite Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-55566 \nPublished : Dec. 9, 2024, 2:15 a.m. | 27\u00a0minutes ago \nDescription : ColPack 1.0.10 through 9a7293a has a predictable temporary file (located under /tmp with a name derived from an unseeded RNG). The impact can be overwriting files or making ColPack graphing unavailable to other users. \nSeverity: 6.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T03:49:23.000000Z"} https://db.gcve.eu/sighting/bb6dc714-2a01-4380-b2aa-1d1209acee55/export Mon, 09 Dec 2024 03:49:23 +0000 fc43f17a-a200-45a0-9295-f181aaca3af3 https://db.gcve.eu/sighting/fc43f17a-a200-45a0-9295-f181aaca3af3/export {"uuid": "fc43f17a-a200-45a0-9295-f181aaca3af3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55563", "type": "seen", "source": "https://t.me/CyberBulletin/1720", "content": "\u26a1\ufe0fCVE-2024-55563: Transaction-Relay Jamming Vulnerability Poses Threat to Bitcoin Lightning Network.\n\n#CyberBulletin", "creation_timestamp": "2024-12-09T13:15:05.000000Z"} {"uuid": "fc43f17a-a200-45a0-9295-f181aaca3af3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55563", "type": "seen", "source": "https://t.me/CyberBulletin/1720", "content": "\u26a1\ufe0fCVE-2024-55563: Transaction-Relay Jamming Vulnerability Poses Threat to Bitcoin Lightning Network.\n\n#CyberBulletin", "creation_timestamp": "2024-12-09T13:15:05.000000Z"} https://db.gcve.eu/sighting/fc43f17a-a200-45a0-9295-f181aaca3af3/export Mon, 09 Dec 2024 13:15:05 +0000 4de6f9d5-c94b-4e32-9045-a6c21a6f96c1 https://db.gcve.eu/sighting/4de6f9d5-c94b-4e32-9045-a6c21a6f96c1/export {"uuid": "4de6f9d5-c94b-4e32-9045-a6c21a6f96c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55563", "type": "seen", "source": "https://t.me/CyberBulletin/26745", "content": "\u26a1\ufe0fCVE-2024-55563: Transaction-Relay Jamming Vulnerability Poses Threat to Bitcoin Lightning Network.\n\n#CyberBulletin", "creation_timestamp": "2024-12-09T13:15:05.000000Z"} {"uuid": "4de6f9d5-c94b-4e32-9045-a6c21a6f96c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55563", "type": "seen", "source": "https://t.me/CyberBulletin/26745", "content": "\u26a1\ufe0fCVE-2024-55563: Transaction-Relay Jamming Vulnerability Poses Threat to Bitcoin Lightning Network.\n\n#CyberBulletin", "creation_timestamp": "2024-12-09T13:15:05.000000Z"} https://db.gcve.eu/sighting/4de6f9d5-c94b-4e32-9045-a6c21a6f96c1/export Mon, 09 Dec 2024 13:15:05 +0000 38a46d13-cce2-4fd4-ac31-52124af2afe3 https://db.gcve.eu/sighting/38a46d13-cce2-4fd4-ac31-52124af2afe3/export {"uuid": "38a46d13-cce2-4fd4-ac31-52124af2afe3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55563", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6460", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55563\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Bitcoin Core through 27.2 allows transaction-relay jamming via an off-chain protocol attack, a related issue to CVE-2024-52913. For example, the outcome of an HTLC (Hashed Timelock Contract) can be changed because a flood of transaction traffic prevents propagation of certain Lightning channel transactions.\n\ud83d\udccf Published: 2024-12-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-04T21:33:22.130Z\n\ud83d\udd17 References:\n1. https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures\n2. https://bitcoincore.org\n3. https://delvingbitcoin.org/t/full-disclosure-transaction-relay-throughput-overflow-attacks-against-off-chain-protocols/1305\n4. https://gnusha.org/pi/bitcoindev/CALZpt+EptER=p+P7VN3QAb9n=dODA9_LnR9xZwWpRsdAwedv=w@mail.gmail.com/T/#u\n5. https://ariard.github.io", "creation_timestamp": "2025-03-04T22:33:34.000000Z"} {"uuid": "38a46d13-cce2-4fd4-ac31-52124af2afe3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55563", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6460", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55563\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Bitcoin Core through 27.2 allows transaction-relay jamming via an off-chain protocol attack, a related issue to CVE-2024-52913. For example, the outcome of an HTLC (Hashed Timelock Contract) can be changed because a flood of transaction traffic prevents propagation of certain Lightning channel transactions.\n\ud83d\udccf Published: 2024-12-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-04T21:33:22.130Z\n\ud83d\udd17 References:\n1. https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures\n2. https://bitcoincore.org\n3. https://delvingbitcoin.org/t/full-disclosure-transaction-relay-throughput-overflow-attacks-against-off-chain-protocols/1305\n4. https://gnusha.org/pi/bitcoindev/CALZpt+EptER=p+P7VN3QAb9n=dODA9_LnR9xZwWpRsdAwedv=w@mail.gmail.com/T/#u\n5. https://ariard.github.io", "creation_timestamp": "2025-03-04T22:33:34.000000Z"} https://db.gcve.eu/sighting/38a46d13-cce2-4fd4-ac31-52124af2afe3/export Tue, 04 Mar 2025 22:33:34 +0000 929a721a-ae6b-4d1a-9e4d-9dde34a1f57e https://db.gcve.eu/sighting/929a721a-ae6b-4d1a-9e4d-9dde34a1f57e/export {"uuid": "929a721a-ae6b-4d1a-9e4d-9dde34a1f57e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55569", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16429", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55569\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The lack of a length check leads to out-of-bounds writes.\n\ud83d\udccf Published: 2025-05-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-14T20:35:59.907Z\n\ud83d\udd17 References:\n1. https://semiconductor.samsung.com/support/quality-support/product-security-updates/\n2. https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-55569/", "creation_timestamp": "2025-05-14T21:32:36.000000Z"} {"uuid": "929a721a-ae6b-4d1a-9e4d-9dde34a1f57e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55569", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16429", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55569\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The lack of a length check leads to out-of-bounds writes.\n\ud83d\udccf Published: 2025-05-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-14T20:35:59.907Z\n\ud83d\udd17 References:\n1. https://semiconductor.samsung.com/support/quality-support/product-security-updates/\n2. https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-55569/", "creation_timestamp": "2025-05-14T21:32:36.000000Z"} https://db.gcve.eu/sighting/929a721a-ae6b-4d1a-9e4d-9dde34a1f57e/export Wed, 14 May 2025 21:32:36 +0000 8b0fa57d-9c11-4cc2-a656-baae23912895 https://db.gcve.eu/sighting/8b0fa57d-9c11-4cc2-a656-baae23912895/export {"uuid": "8b0fa57d-9c11-4cc2-a656-baae23912895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55569", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp63whlzmm2t", "content": "", "creation_timestamp": "2025-05-14T22:57:26.489102Z"} {"uuid": "8b0fa57d-9c11-4cc2-a656-baae23912895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55569", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp63whlzmm2t", "content": "", "creation_timestamp": "2025-05-14T22:57:26.489102Z"} https://db.gcve.eu/sighting/8b0fa57d-9c11-4cc2-a656-baae23912895/export Wed, 14 May 2025 22:57:26 +0000 2134c882-01cf-4600-b2e5-442cb44f0d2e https://db.gcve.eu/sighting/2134c882-01cf-4600-b2e5-442cb44f0d2e/export {"uuid": "2134c882-01cf-4600-b2e5-442cb44f0d2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55567", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18656", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55567\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AC:H/AV:L/A:H/C:H/I:H/PR:H/S:C/UI:N)\n\ud83d\udd39 Description: Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.01. The SMM module has an SMM call out vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level.\n\ud83d\udccf Published: 2025-06-12T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-17T19:07:52.795Z\n\ud83d\udd17 References:\n1. https://www.insyde.com/security-pledge/sa-2024018/", "creation_timestamp": "2025-06-17T19:39:35.000000Z"} {"uuid": "2134c882-01cf-4600-b2e5-442cb44f0d2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55567", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18656", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55567\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AC:H/AV:L/A:H/C:H/I:H/PR:H/S:C/UI:N)\n\ud83d\udd39 Description: Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05.47.01, 5.5 before 05.55.01, 5.6 before 05.62.01, and 5.7 before 05.71.01. The SMM module has an SMM call out vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level.\n\ud83d\udccf Published: 2025-06-12T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-17T19:07:52.795Z\n\ud83d\udd17 References:\n1. https://www.insyde.com/security-pledge/sa-2024018/", "creation_timestamp": "2025-06-17T19:39:35.000000Z"} https://db.gcve.eu/sighting/2134c882-01cf-4600-b2e5-442cb44f0d2e/export Tue, 17 Jun 2025 19:39:35 +0000