https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sat, 23 May 2026 20:54:19 +0000 https://db.gcve.eu/sighting/ea2948dd-dcda-4e91-bf61-28b13142b9ae/export {"uuid": "ea2948dd-dcda-4e91-bf61-28b13142b9ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-794X-GM8V-2WJ6", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8662", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55604\n\ud83d\udd25 CVSS Score: 4.8 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Appsmith is a platform to build admin panels, internal tools, and dashboards. Users invited as \"App Viewer\" should not have access to development information of a workspace. Datasources are such a component in a workspace. Yet, in versions of Appsmith prior to 1.51, app viewers are able to get a list of datasources in a workspace they're a member of. This information disclosure does NOT expose sensitive data in the datasources, such as database passwords and API Keys. The attacker needs to have been invited to a workspace as a \"viewer\", by someone in that workspace with access to invite. The attacker then needs to be able to signup/login to that Appsmith instance. The issue is patched in version 1.51. No known workarounds are available.\n\ud83d\udccf Published: 2025-03-25T14:15:05.339Z\n\ud83d\udccf Modified: 2025-03-25T14:15:05.339Z\n\ud83d\udd17 References:\n1. https://github.com/appsmithorg/appsmith/security/advisories/GHSA-794x-gm8v-2wj6", "creation_timestamp": "2025-03-25T14:24:13.000000Z"} {"uuid": "ea2948dd-dcda-4e91-bf61-28b13142b9ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-794X-GM8V-2WJ6", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8662", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55604\n\ud83d\udd25 CVSS Score: 4.8 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Appsmith is a platform to build admin panels, internal tools, and dashboards. Users invited as \"App Viewer\" should not have access to development information of a workspace. Datasources are such a component in a workspace. Yet, in versions of Appsmith prior to 1.51, app viewers are able to get a list of datasources in a workspace they're a member of. This information disclosure does NOT expose sensitive data in the datasources, such as database passwords and API Keys. The attacker needs to have been invited to a workspace as a \"viewer\", by someone in that workspace with access to invite. The attacker then needs to be able to signup/login to that Appsmith instance. The issue is patched in version 1.51. No known workarounds are available.\n\ud83d\udccf Published: 2025-03-25T14:15:05.339Z\n\ud83d\udccf Modified: 2025-03-25T14:15:05.339Z\n\ud83d\udd17 References:\n1. https://github.com/appsmithorg/appsmith/security/advisories/GHSA-794x-gm8v-2wj6", "creation_timestamp": "2025-03-25T14:24:13.000000Z"} https://db.gcve.eu/sighting/ea2948dd-dcda-4e91-bf61-28b13142b9ae/export Tue, 25 Mar 2025 14:24:13 +0000 https://db.gcve.eu/sighting/18c15707-1ddf-4eba-90a4-61340d00fcc7/export {"uuid": "18c15707-1ddf-4eba-90a4-61340d00fcc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-794X-GM8V-2WJ6", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8959", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55965\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Appsmith before 1.51. Users invited as \"App Viewer\" incorrectly have access to development information of a workspace (specifically, a list of datasources in a workspace they're a member of). This information disclosure does not expose sensitive data in the datasources, such as database passwords and API Keys.\n\ud83d\udccf Published: 2025-03-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-26T20:12:18.796Z\n\ud83d\udd17 References:\n1. https://github.com/appsmithorg/appsmith/security/advisories/GHSA-794x-gm8v-2wj6", "creation_timestamp": "2025-03-26T20:25:48.000000Z"} {"uuid": "18c15707-1ddf-4eba-90a4-61340d00fcc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-794X-GM8V-2WJ6", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8959", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55965\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Appsmith before 1.51. Users invited as \"App Viewer\" incorrectly have access to development information of a workspace (specifically, a list of datasources in a workspace they're a member of). This information disclosure does not expose sensitive data in the datasources, such as database passwords and API Keys.\n\ud83d\udccf Published: 2025-03-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-26T20:12:18.796Z\n\ud83d\udd17 References:\n1. https://github.com/appsmithorg/appsmith/security/advisories/GHSA-794x-gm8v-2wj6", "creation_timestamp": "2025-03-26T20:25:48.000000Z"} https://db.gcve.eu/sighting/18c15707-1ddf-4eba-90a4-61340d00fcc7/export Wed, 26 Mar 2025 20:25:48 +0000