Most recent sightings.

Most recent sightings. https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 30 Apr 2026 12:50:00 +0000 f2e8c9ee-56c7-4eea-a75a-8a6f2e16c362 https://db.gcve.eu/sighting/f2e8c9ee-56c7-4eea-a75a-8a6f2e16c362/export {"uuid": "f2e8c9ee-56c7-4eea-a75a-8a6f2e16c362", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-R49H-6QXQ-624F", "type": "published-proof-of-concept", "source": "https://t.me/G18Division/34", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-09-17T09:09:01.000000Z"} {"uuid": "f2e8c9ee-56c7-4eea-a75a-8a6f2e16c362", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-R49H-6QXQ-624F", "type": "published-proof-of-concept", "source": "https://t.me/G18Division/34", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-09-17T09:09:01.000000Z"} https://db.gcve.eu/sighting/f2e8c9ee-56c7-4eea-a75a-8a6f2e16c362/export Tue, 17 Sep 2024 09:09:01 +0000 412800c7-e21a-4477-83d3-afaaa237eb38 https://db.gcve.eu/sighting/412800c7-e21a-4477-83d3-afaaa237eb38/export {"uuid": "412800c7-e21a-4477-83d3-afaaa237eb38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-R49H-6QXQ-624F", "type": "published-proof-of-concept", "source": "https://t.me/whoisAlixan/2908", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-09-17T20:40:45.000000Z"} {"uuid": "412800c7-e21a-4477-83d3-afaaa237eb38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-R49H-6QXQ-624F", "type": "published-proof-of-concept", "source": "https://t.me/whoisAlixan/2908", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-09-17T20:40:45.000000Z"} https://db.gcve.eu/sighting/412800c7-e21a-4477-83d3-afaaa237eb38/export Tue, 17 Sep 2024 20:40:45 +0000 ab1652f7-4444-42fd-a5f2-11fd6350d0fd https://db.gcve.eu/sighting/ab1652f7-4444-42fd-a5f2-11fd6350d0fd/export {"uuid": "ab1652f7-4444-42fd-a5f2-11fd6350d0fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-R49H-6QXQ-624F", "type": "published-proof-of-concept", "source": "https://t.me/BhinnekaSec/2642", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-10-15T01:39:58.000000Z"} {"uuid": "ab1652f7-4444-42fd-a5f2-11fd6350d0fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-R49H-6QXQ-624F", "type": "published-proof-of-concept", "source": "https://t.me/BhinnekaSec/2642", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-10-15T01:39:58.000000Z"} https://db.gcve.eu/sighting/ab1652f7-4444-42fd-a5f2-11fd6350d0fd/export Tue, 15 Oct 2024 01:39:58 +0000