https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 08 May 2026 17:58:09 +0000 https://db.gcve.eu/sighting/6f13c573-fd14-4b67-831f-3fca74403653/export {"uuid": "6f13c573-fd14-4b67-831f-3fca74403653", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-cg87-wmx4-v546", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113845820383025414", "content": "", "creation_timestamp": "2025-01-17T21:29:19.389313Z"} {"uuid": "6f13c573-fd14-4b67-831f-3fca74403653", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-cg87-wmx4-v546", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113845820383025414", "content": "", "creation_timestamp": "2025-01-17T21:29:19.389313Z"} https://db.gcve.eu/sighting/6f13c573-fd14-4b67-831f-3fca74403653/export Fri, 17 Jan 2025 21:29:19 +0000 https://db.gcve.eu/sighting/e31b18bd-e0bf-495a-84e0-0301702e5339/export {"uuid": "e31b18bd-e0bf-495a-84e0-0301702e5339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-CG87-WMX4-V546", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2224", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23207\n\ud83d\udd39 Description: KaTeX is a fast, easy-to-use JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions with `renderToString` could encounter malicious input using `\\htmlData` that runs arbitrary JavaScript, or generate invalid HTML. Users are advised to upgrade to KaTeX v0.16.21 to remove this vulnerability. Users unable to upgrade should avoid use of or turn off the `trust` option, or set it to forbid `\\htmlData` commands, forbid inputs containing the substring `\"\\\\htmlData\"` and sanitize HTML output from KaTeX.\n\ud83d\udccf Published: 2025-01-17T21:25:05.746Z\n\ud83d\udccf Modified: 2025-01-17T21:32:24.984Z\n\ud83d\udd17 References:\n1. https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546\n2. https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c", "creation_timestamp": "2025-01-17T21:56:59.000000Z"} {"uuid": "e31b18bd-e0bf-495a-84e0-0301702e5339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-CG87-WMX4-V546", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2224", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23207\n\ud83d\udd39 Description: KaTeX is a fast, easy-to-use JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions with `renderToString` could encounter malicious input using `\\htmlData` that runs arbitrary JavaScript, or generate invalid HTML. Users are advised to upgrade to KaTeX v0.16.21 to remove this vulnerability. Users unable to upgrade should avoid use of or turn off the `trust` option, or set it to forbid `\\htmlData` commands, forbid inputs containing the substring `\"\\\\htmlData\"` and sanitize HTML output from KaTeX.\n\ud83d\udccf Published: 2025-01-17T21:25:05.746Z\n\ud83d\udccf Modified: 2025-01-17T21:32:24.984Z\n\ud83d\udd17 References:\n1. https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546\n2. https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c", "creation_timestamp": "2025-01-17T21:56:59.000000Z"} https://db.gcve.eu/sighting/e31b18bd-e0bf-495a-84e0-0301702e5339/export Fri, 17 Jan 2025 21:56:59 +0000