https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 17 May 2026 17:03:40 +0000 https://db.gcve.eu/sighting/4c14309f-dbb0-4b41-b7bb-ece4beec87c0/export {"uuid": "4c14309f-dbb0-4b41-b7bb-ece4beec87c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-vg6x-rcgg-rjx6", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113861495371199240", "content": "", "creation_timestamp": "2025-01-20T15:55:41.023196Z"} {"uuid": "4c14309f-dbb0-4b41-b7bb-ece4beec87c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-vg6x-rcgg-rjx6", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113861495371199240", "content": "", "creation_timestamp": "2025-01-20T15:55:41.023196Z"} https://db.gcve.eu/sighting/4c14309f-dbb0-4b41-b7bb-ece4beec87c0/export Mon, 20 Jan 2025 15:55:41 +0000 https://db.gcve.eu/sighting/ed4abf8d-c2b3-451d-a2d0-169a31a610c1/export {"uuid": "ed4abf8d-c2b3-451d-a2d0-169a31a610c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-VG6X-RCGG-RJX6", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2362", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24010\n\ud83d\udd39 Description: Vite is a frontend tooling framework for javascript. Vite allowed any websites to send any requests to the development server and read the response due to default CORS settings and lack of validation on the Origin header for WebSocket connections. This vulnerability is fixed in 6.0.9, 5.4.12, and 4.5.6.\n\ud83d\udccf Published: 2025-01-20T15:53:30.929Z\n\ud83d\udccf Modified: 2025-01-20T15:53:30.929Z\n\ud83d\udd17 References:\n1. https://github.com/vitejs/vite/security/advisories/GHSA-vg6x-rcgg-rjx6", "creation_timestamp": "2025-01-20T16:01:41.000000Z"} {"uuid": "ed4abf8d-c2b3-451d-a2d0-169a31a610c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-VG6X-RCGG-RJX6", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2362", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24010\n\ud83d\udd39 Description: Vite is a frontend tooling framework for javascript. Vite allowed any websites to send any requests to the development server and read the response due to default CORS settings and lack of validation on the Origin header for WebSocket connections. This vulnerability is fixed in 6.0.9, 5.4.12, and 4.5.6.\n\ud83d\udccf Published: 2025-01-20T15:53:30.929Z\n\ud83d\udccf Modified: 2025-01-20T15:53:30.929Z\n\ud83d\udd17 References:\n1. https://github.com/vitejs/vite/security/advisories/GHSA-vg6x-rcgg-rjx6", "creation_timestamp": "2025-01-20T16:01:41.000000Z"} https://db.gcve.eu/sighting/ed4abf8d-c2b3-451d-a2d0-169a31a610c1/export Mon, 20 Jan 2025 16:01:41 +0000 https://db.gcve.eu/sighting/38acfff2-9451-4536-847e-674c9f9e94c2/export {"uuid": "38acfff2-9451-4536-847e-674c9f9e94c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-vg6x-rcgg-rjx6", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113886275645982803", "content": "", "creation_timestamp": "2025-01-25T00:57:37.906468Z"} {"uuid": "38acfff2-9451-4536-847e-674c9f9e94c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-vg6x-rcgg-rjx6", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113886275645982803", "content": "", "creation_timestamp": "2025-01-25T00:57:37.906468Z"} https://db.gcve.eu/sighting/38acfff2-9451-4536-847e-674c9f9e94c2/export Sat, 25 Jan 2025 00:57:37 +0000 https://db.gcve.eu/sighting/9600374f-9982-4e55-a255-562023b2f535/export {"uuid": "9600374f-9982-4e55-a255-562023b2f535", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-VG6X-RCGG-RJX6", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3043", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24360\n\ud83d\udd39 Description: Nuxt is an open-source web development framework for Vue.js. Starting in version 3.8.1 and prior to version 3.15.3, Nuxt allows any websites to send any requests to the development server and read the response due to default CORS settings. Users with the default server.cors option using Vite builder may get the source code stolen by malicious websites. Version 3.15.3 fixes the vulnerability.\n\ud83d\udccf Published: 2025-01-25T00:49:09.783Z\n\ud83d\udccf Modified: 2025-01-25T00:49:09.783Z\n\ud83d\udd17 References:\n1. https://github.com/nuxt/nuxt/security/advisories/GHSA-2452-6xj8-jh47\n2. https://github.com/vitejs/vite/security/advisories/GHSA-vg6x-rcgg-rjx6\n3. https://github.com/nuxt/nuxt/pull/23995\n4. https://github.com/nuxt/nuxt/commit/7eeb910bf4accb1e0193b9178c746f06ad3dd88f\n5. https://github.com/nuxt/nuxt/blob/7d345c71462d90187fd09c96c7692f306c90def5/packages/vite/src/client.ts#L257-L263\n6. https://github.com/nuxt/nuxt/blob/7d345c71462d90187fd09c96c7692f306c90def5/packages/vite/src/vite-node.ts#L39", "creation_timestamp": "2025-01-25T01:05:10.000000Z"} {"uuid": "9600374f-9982-4e55-a255-562023b2f535", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-VG6X-RCGG-RJX6", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3043", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24360\n\ud83d\udd39 Description: Nuxt is an open-source web development framework for Vue.js. Starting in version 3.8.1 and prior to version 3.15.3, Nuxt allows any websites to send any requests to the development server and read the response due to default CORS settings. Users with the default server.cors option using Vite builder may get the source code stolen by malicious websites. Version 3.15.3 fixes the vulnerability.\n\ud83d\udccf Published: 2025-01-25T00:49:09.783Z\n\ud83d\udccf Modified: 2025-01-25T00:49:09.783Z\n\ud83d\udd17 References:\n1. https://github.com/nuxt/nuxt/security/advisories/GHSA-2452-6xj8-jh47\n2. https://github.com/vitejs/vite/security/advisories/GHSA-vg6x-rcgg-rjx6\n3. https://github.com/nuxt/nuxt/pull/23995\n4. https://github.com/nuxt/nuxt/commit/7eeb910bf4accb1e0193b9178c746f06ad3dd88f\n5. https://github.com/nuxt/nuxt/blob/7d345c71462d90187fd09c96c7692f306c90def5/packages/vite/src/client.ts#L257-L263\n6. https://github.com/nuxt/nuxt/blob/7d345c71462d90187fd09c96c7692f306c90def5/packages/vite/src/vite-node.ts#L39", "creation_timestamp": "2025-01-25T01:05:10.000000Z"} https://db.gcve.eu/sighting/9600374f-9982-4e55-a255-562023b2f535/export Sat, 25 Jan 2025 01:05:10 +0000 https://db.gcve.eu/sighting/86da005a-4dc8-4597-b30c-24b35cd6c4d5/export {"uuid": "86da005a-4dc8-4597-b30c-24b35cd6c4d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-vg6x-rcgg-rjx6", "type": "seen", "source": "https://bsky.app/profile/azu.bsky.social/post/3li524bluem26", "content": "", "creation_timestamp": "2025-02-14T10:55:50.248974Z"} {"uuid": "86da005a-4dc8-4597-b30c-24b35cd6c4d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-vg6x-rcgg-rjx6", "type": "seen", "source": "https://bsky.app/profile/azu.bsky.social/post/3li524bluem26", "content": "", "creation_timestamp": "2025-02-14T10:55:50.248974Z"} https://db.gcve.eu/sighting/86da005a-4dc8-4597-b30c-24b35cd6c4d5/export Fri, 14 Feb 2025 10:55:50 +0000