https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 14 May 2026 07:54:28 +0000 https://db.gcve.eu/sighting/506ff469-3a37-45a7-9132-240774c92b1d/export {"uuid": "506ff469-3a37-45a7-9132-240774c92b1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27107", "type": "seen", "source": "https://t.me/cvedetector/20237", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-27107 - Minecraft Integrated Scripting Java Reflection Sandbox Escape\", \n \"Content\": \"CVE ID : CVE-2025-27107 \nPublished : March 13, 2025, 5:15 p.m. | 43\u00a0minutes ago \nDescription : Integrated Scripting is a tool for creating scripts for handling complex operations in Integrated Dynamics. Minecraft users who use Integrated Scripting prior to versions 1.21.1-1.0.17, 1.21.4-1.0.9-254, 1.20.1-1.0.13, and 1.19.2-1.0.10 may be vulnerable to arbitrary code execution. By using Java reflection on a thrown exception object it's possible to escape the JavaScript sandbox for IntegratedScripting's Variable Cards, and leverage that to construct arbitrary Java classes and invoke arbitrary Java methods. \nThis vulnerability allows for execution of arbitrary Java methods, and by extension arbitrary native code e.g. from `java.lang.Runtime.exec`, on the Minecraft server by any player with the ability to create and use an IntegratedScripting Variable Card. Versions 1.21.1-1.0.17, 1.21.4-1.0.9-254, 1.20.1-1.0.13, and 1.19.2-1.0.10 fix the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"13 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-13T19:48:13.000000Z"} {"uuid": "506ff469-3a37-45a7-9132-240774c92b1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27107", "type": "seen", "source": "https://t.me/cvedetector/20237", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-27107 - Minecraft Integrated Scripting Java Reflection Sandbox Escape\", \n \"Content\": \"CVE ID : CVE-2025-27107 \nPublished : March 13, 2025, 5:15 p.m. | 43\u00a0minutes ago \nDescription : Integrated Scripting is a tool for creating scripts for handling complex operations in Integrated Dynamics. Minecraft users who use Integrated Scripting prior to versions 1.21.1-1.0.17, 1.21.4-1.0.9-254, 1.20.1-1.0.13, and 1.19.2-1.0.10 may be vulnerable to arbitrary code execution. By using Java reflection on a thrown exception object it's possible to escape the JavaScript sandbox for IntegratedScripting's Variable Cards, and leverage that to construct arbitrary Java classes and invoke arbitrary Java methods. \nThis vulnerability allows for execution of arbitrary Java methods, and by extension arbitrary native code e.g. from `java.lang.Runtime.exec`, on the Minecraft server by any player with the ability to create and use an IntegratedScripting Variable Card. Versions 1.21.1-1.0.17, 1.21.4-1.0.9-254, 1.20.1-1.0.13, and 1.19.2-1.0.10 fix the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"13 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-13T19:48:13.000000Z"} https://db.gcve.eu/sighting/506ff469-3a37-45a7-9132-240774c92b1d/export Thu, 13 Mar 2025 19:48:13 +0000