https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 27 May 2026 05:00:29 +0000 https://db.gcve.eu/sighting/6e9c7bdb-3466-432c-8377-b810bea23508/export {"uuid": "6e9c7bdb-3466-432c-8377-b810bea23508", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-FCGX-Q63F-7GW4", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9719", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30369\n\ud83d\udd25 CVSS Score: 2.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Zulip is an open-source team collaboration tool. The API for deleting an organization custom profile field is supposed to be restricted to organization administrators, but its handler failed to check that the field belongs to the same organization as the user. Therefore, an administrator of any organization was incorrectly allowed to delete custom profile fields belonging to a different organization. This is fixed in Zulip Server 10.1.\n\ud83d\udccf Published: 2025-03-31T16:32:54.301Z\n\ud83d\udccf Modified: 2025-03-31T16:32:54.301Z\n\ud83d\udd17 References:\n1. https://github.com/zulip/zulip/security/advisories/GHSA-fcgx-q63f-7gw4", "creation_timestamp": "2025-03-31T17:31:13.000000Z"} {"uuid": "6e9c7bdb-3466-432c-8377-b810bea23508", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-FCGX-Q63F-7GW4", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9719", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30369\n\ud83d\udd25 CVSS Score: 2.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Zulip is an open-source team collaboration tool. The API for deleting an organization custom profile field is supposed to be restricted to organization administrators, but its handler failed to check that the field belongs to the same organization as the user. Therefore, an administrator of any organization was incorrectly allowed to delete custom profile fields belonging to a different organization. This is fixed in Zulip Server 10.1.\n\ud83d\udccf Published: 2025-03-31T16:32:54.301Z\n\ud83d\udccf Modified: 2025-03-31T16:32:54.301Z\n\ud83d\udd17 References:\n1. https://github.com/zulip/zulip/security/advisories/GHSA-fcgx-q63f-7gw4", "creation_timestamp": "2025-03-31T17:31:13.000000Z"} https://db.gcve.eu/sighting/6e9c7bdb-3466-432c-8377-b810bea23508/export Mon, 31 Mar 2025 17:31:13 +0000