https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 17 May 2026 06:58:27 +0000 https://db.gcve.eu/sighting/46dccb23-a0bc-4a6a-953b-91f9e14950d8/export {"uuid": "46dccb23-a0bc-4a6a-953b-91f9e14950d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26265", "type": "seen", "source": "https://t.me/cibsecurity/58559", "content": "\u203c CVE-2023-26265 \u203c\n\nThe Borg theme before 1.1.19 for Backdrop CMS does not sufficiently sanitize path arguments that are passed in via a URL. The function borg_preprocess_page in the file template.php does not properly sanitize incoming path arguments before using them.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-21T07:29:41.000000Z"} {"uuid": "46dccb23-a0bc-4a6a-953b-91f9e14950d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26265", "type": "seen", "source": "https://t.me/cibsecurity/58559", "content": "\u203c CVE-2023-26265 \u203c\n\nThe Borg theme before 1.1.19 for Backdrop CMS does not sufficiently sanitize path arguments that are passed in via a URL. The function borg_preprocess_page in the file template.php does not properly sanitize incoming path arguments before using them.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-21T07:29:41.000000Z"} https://db.gcve.eu/sighting/46dccb23-a0bc-4a6a-953b-91f9e14950d8/export Tue, 21 Feb 2023 07:29:41 +0000 https://db.gcve.eu/sighting/a8badae0-12cf-4688-a810-1fdc15679ab0/export {"uuid": "a8badae0-12cf-4688-a810-1fdc15679ab0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26267", "type": "seen", "source": "https://t.me/cibsecurity/58561", "content": "\u203c CVE-2023-26267 \u203c\n\nphp-saml-sp before 1.1.1 and 2.x before 2.1.1 allows reading arbitrary files as the webserver user because resolving XML external entities was silently enabled via \\LIBXML_DTDLOAD | \\LIBXML_DTDATTR.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-21T12:16:33.000000Z"} {"uuid": "a8badae0-12cf-4688-a810-1fdc15679ab0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26267", "type": "seen", "source": "https://t.me/cibsecurity/58561", "content": "\u203c CVE-2023-26267 \u203c\n\nphp-saml-sp before 1.1.1 and 2.x before 2.1.1 allows reading arbitrary files as the webserver user because resolving XML external entities was silently enabled via \\LIBXML_DTDLOAD | \\LIBXML_DTDATTR.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-21T12:16:33.000000Z"} https://db.gcve.eu/sighting/a8badae0-12cf-4688-a810-1fdc15679ab0/export Tue, 21 Feb 2023 12:16:33 +0000 https://db.gcve.eu/sighting/8deb36f4-0969-4ff0-ab45-ccbb264c7888/export {"uuid": "8deb36f4-0969-4ff0-ab45-ccbb264c7888", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26261", "type": "seen", "source": "https://t.me/cibsecurity/59675", "content": "\u203c CVE-2023-26261 \u203c\n\nIn UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath injection leads to an authentication bypass by stealing the session of another connected user. The fixed versions are WAAP Gateway & Cloud 6.11.0 and 6.5.6-patch15.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-08T19:23:07.000000Z"} {"uuid": "8deb36f4-0969-4ff0-ab45-ccbb264c7888", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26261", "type": "seen", "source": "https://t.me/cibsecurity/59675", "content": "\u203c CVE-2023-26261 \u203c\n\nIn UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath injection leads to an authentication bypass by stealing the session of another connected user. The fixed versions are WAAP Gateway & Cloud 6.11.0 and 6.5.6-patch15.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-08T19:23:07.000000Z"} https://db.gcve.eu/sighting/8deb36f4-0969-4ff0-ab45-ccbb264c7888/export Wed, 08 Mar 2023 19:23:07 +0000 https://db.gcve.eu/sighting/8b6853ee-29f4-4799-b87c-cbee351ca9e5/export {"uuid": "8b6853ee-29f4-4799-b87c-cbee351ca9e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26262", "type": "seen", "source": "https://t.me/cibsecurity/60031", "content": "\u203c CVE-2023-26262 \u203c\n\nAn issue was discovered in Sitecore XP/XM 10.3. As an authenticated Sitecore user, a unrestricted language file upload vulnerability exists the can lead to direct code execution on the content management (CM) server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-14T23:23:22.000000Z"} {"uuid": "8b6853ee-29f4-4799-b87c-cbee351ca9e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26262", "type": "seen", "source": "https://t.me/cibsecurity/60031", "content": "\u203c CVE-2023-26262 \u203c\n\nAn issue was discovered in Sitecore XP/XM 10.3. As an authenticated Sitecore user, a unrestricted language file upload vulnerability exists the can lead to direct code execution on the content management (CM) server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-14T23:23:22.000000Z"} https://db.gcve.eu/sighting/8b6853ee-29f4-4799-b87c-cbee351ca9e5/export Tue, 14 Mar 2023 23:23:22 +0000 https://db.gcve.eu/sighting/21bcaf6a-b88e-4fcf-869b-1ece96c73881/export {"uuid": "21bcaf6a-b88e-4fcf-869b-1ece96c73881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26268", "type": "seen", "source": "https://t.me/cibsecurity/63183", "content": "\u203c CVE-2023-26268 \u203c\n\nDesign documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions: * validate_doc_update * list * filter * filter views (using view functions as filters) * rewrite * updateThis doesn't affect map/reduce or search (Dreyfus) index functions.Users are recommended to upgrade to a version that is no longer affected by this issue (Apache CouchDB 3.3.2 or 3.2.3).Workaround: Avoid using design documents from untrusted sources which may attempt to cache or store data in the Javascript environment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-07T02:30:57.000000Z"} {"uuid": "21bcaf6a-b88e-4fcf-869b-1ece96c73881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26268", "type": "seen", "source": "https://t.me/cibsecurity/63183", "content": "\u203c CVE-2023-26268 \u203c\n\nDesign documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions: * validate_doc_update * list * filter * filter views (using view functions as filters) * rewrite * updateThis doesn't affect map/reduce or search (Dreyfus) index functions.Users are recommended to upgrade to a version that is no longer affected by this issue (Apache CouchDB 3.3.2 or 3.2.3).Workaround: Avoid using design documents from untrusted sources which may attempt to cache or store data in the Javascript environment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-07T02:30:57.000000Z"} https://db.gcve.eu/sighting/21bcaf6a-b88e-4fcf-869b-1ece96c73881/export Sun, 07 May 2023 02:30:57 +0000 https://db.gcve.eu/sighting/f737c14d-02e2-42a7-9c28-45733baee918/export {"uuid": "f737c14d-02e2-42a7-9c28-45733baee918", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26269", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9465", "content": "#exploit\n1. CVE-2023-26269:\nMisconfigured JMX in Apache James\nhttps://github.com/mbadanoiu/CVE-2023-26269\n\n2. CVE-2023-34468:\nRCE via DB Components in Apache NiFi\nhttps://github.com/mbadanoiu/CVE-2023-34468\n\n3. CVE-2021-20253:\nPrivilege Escalation via Job Isolation Escape in Ansible Tower\nhttps://github.com/mbadanoiu/CVE-2021-20253", "creation_timestamp": "2023-11-26T12:45:59.000000Z"} {"uuid": "f737c14d-02e2-42a7-9c28-45733baee918", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26269", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9465", "content": "#exploit\n1. CVE-2023-26269:\nMisconfigured JMX in Apache James\nhttps://github.com/mbadanoiu/CVE-2023-26269\n\n2. CVE-2023-34468:\nRCE via DB Components in Apache NiFi\nhttps://github.com/mbadanoiu/CVE-2023-34468\n\n3. CVE-2021-20253:\nPrivilege Escalation via Job Isolation Escape in Ansible Tower\nhttps://github.com/mbadanoiu/CVE-2021-20253", "creation_timestamp": "2023-11-26T12:45:59.000000Z"} https://db.gcve.eu/sighting/f737c14d-02e2-42a7-9c28-45733baee918/export Sun, 26 Nov 2023 12:45:59 +0000 https://db.gcve.eu/sighting/e7c15583-311f-4f7c-91da-950b761d3a13/export {"uuid": "e7c15583-311f-4f7c-91da-950b761d3a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26269", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2105", "content": "#exploit\n1. CVE-2023-26269:\nMisconfigured JMX in Apache James\nhttps://github.com/mbadanoiu/CVE-2023-26269\n\n2. CVE-2023-34468:\nRCE via DB Components in Apache NiFi\nhttps://github.com/mbadanoiu/CVE-2023-34468\n\n3. CVE-2021-20253:\nPrivilege Escalation via Job Isolation Escape in Ansible Tower\nhttps://github.com/mbadanoiu/CVE-2021-20253", "creation_timestamp": "2024-08-16T08:52:58.000000Z"} {"uuid": "e7c15583-311f-4f7c-91da-950b761d3a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26269", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2105", "content": "#exploit\n1. CVE-2023-26269:\nMisconfigured JMX in Apache James\nhttps://github.com/mbadanoiu/CVE-2023-26269\n\n2. CVE-2023-34468:\nRCE via DB Components in Apache NiFi\nhttps://github.com/mbadanoiu/CVE-2023-34468\n\n3. CVE-2021-20253:\nPrivilege Escalation via Job Isolation Escape in Ansible Tower\nhttps://github.com/mbadanoiu/CVE-2021-20253", "creation_timestamp": "2024-08-16T08:52:58.000000Z"} https://db.gcve.eu/sighting/e7c15583-311f-4f7c-91da-950b761d3a13/export Fri, 16 Aug 2024 08:52:58 +0000 https://db.gcve.eu/sighting/24fb9fcf-55b6-4c2b-9bf6-47524a4102ba/export {"uuid": "24fb9fcf-55b6-4c2b-9bf6-47524a4102ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26262", "type": "seen", "source": "Telegram/POQuUsY84hfzxYEE_EBmlBgSydM9MhDom_w5ueNKhIbHVUCw", "content": "", "creation_timestamp": "2025-03-02T11:44:20.000000Z"} {"uuid": "24fb9fcf-55b6-4c2b-9bf6-47524a4102ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26262", "type": "seen", "source": "Telegram/POQuUsY84hfzxYEE_EBmlBgSydM9MhDom_w5ueNKhIbHVUCw", "content": "", "creation_timestamp": "2025-03-02T11:44:20.000000Z"} https://db.gcve.eu/sighting/24fb9fcf-55b6-4c2b-9bf6-47524a4102ba/export Sun, 02 Mar 2025 11:44:20 +0000 https://db.gcve.eu/sighting/3c69287b-0925-4d66-89ec-b77057527955/export {"uuid": "3c69287b-0925-4d66-89ec-b77057527955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26261", "type": "seen", "source": "Telegram/kxpuNuf8fMN7E6m7IWR_jM4zAc-HQfMR-onhfQaZQsB6i_u1", "content": "", "creation_timestamp": "2025-03-06T02:16:33.000000Z"} {"uuid": "3c69287b-0925-4d66-89ec-b77057527955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26261", "type": "seen", "source": "Telegram/kxpuNuf8fMN7E6m7IWR_jM4zAc-HQfMR-onhfQaZQsB6i_u1", "content": "", "creation_timestamp": "2025-03-06T02:16:33.000000Z"} https://db.gcve.eu/sighting/3c69287b-0925-4d66-89ec-b77057527955/export Thu, 06 Mar 2025 02:16:33 +0000