{"vulnerability": "CVE-2025-0868", "sightings": [{"uuid": "641244d0-6324-4e4f-9ba6-cc0c123d0571", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "exploited", "source": "https://www.exploit-db.com/exploits/52145", "content": "", "creation_timestamp": "2025-04-09T00:00:00.000000Z"}, {"uuid": "f7e5f7a4-3c1f-4502-b605-09d210b0c5d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-10)", "content": "", "creation_timestamp": "2025-12-10T00:00:00.000000Z"}, {"uuid": "2e12e3a3-1d42-479a-9061-2d4d3fb473d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-13)", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "20cdef93-8eca-4695-b85e-e8ac0811e49c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "seen", "source": "https://t.me/cvedetector/18542", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-0868 - DocsGPT JSON Code Injection RCE\", \n  \"Content\": \"CVE ID : CVE-2025-0868 \nPublished : Feb. 20, 2025, 12:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : A vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint.  \n  \nThis issue affects DocsGPT: from 0.8.1 through 0.12.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T14:49:35.000000Z"}, {"uuid": "50d9d494-a027-48be-b2e7-1ca48776278a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/3362", "content": "#exploit\n1. CCleaner LPE Vulnerability on macOS\nhttps://blog.quarkslab.com/ccleaner_lpe_macos.html\n\n2. CVE-2025-0868:\nArbitrary Command Injection in DocsGPT\nhttps://github.com/shreyas-malhotra/PoC_CVE-2025-0868\n\n3. CVE-2025-30208:\nVite Arbitrary File Read vulnerability\nhttps://github.com/jackieya/CVE-2025-30208", "creation_timestamp": "2025-04-01T06:29:39.000000Z"}, {"uuid": "e16f076e-7aa9-4bde-9fcb-a1fa3ddb8647", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lj4blay6ei2v", "content": "", "creation_timestamp": "2025-02-26T21:02:04.553869Z"}, {"uuid": "c21963f9-31b2-42d6-b16a-e216123c5c47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-24)", "content": "", "creation_timestamp": "2025-06-24T00:00:00.000000Z"}, {"uuid": "07b667d5-2a76-4376-8221-71449bcb7634", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmifnen7dv27", "content": "", "creation_timestamp": "2025-04-10T21:02:23.415461Z"}, {"uuid": "664ae8ba-737d-472b-8fb4-3597918e594c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-20)", "content": "", "creation_timestamp": "2025-06-20T00:00:00.000000Z"}, {"uuid": "d7d8ce36-31e6-4293-b011-a2b57204bdc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-22)", "content": "", "creation_timestamp": "2026-03-22T00:00:00.000000Z"}, {"uuid": "5ac48aac-c76d-478b-81c6-ab4e4bec4aa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/28156", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aThe first publicly available exploit demonstration for CVE-2025-0868, to the best of my knowledge.\nURL\uff1ahttps://github.com/shreyas-malhotra/PoC_CVE-2025-0868\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-31T22:02:03.000000Z"}, {"uuid": "36ceb971-c150-423c-8864-9b4042fbbd5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "seen", "source": "Telegram/YcLyfgjxS8wFVsXueB-Fpx0MMnYTtaDaq1jL96EujmeZ3VmW", "content": "", "creation_timestamp": "2025-02-20T23:26:54.000000Z"}, {"uuid": "ada98775-42a6-4bb3-9ad1-61f818d9182f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/8445", "content": "#exploit\n1. CCleaner LPE Vulnerability on macOS\nhttps://blog.quarkslab.com/ccleaner_lpe_macos.html\n\n2. CVE-2025-0868:\nArbitrary Command Injection in DocsGPT\nhttps://github.com/shreyas-malhotra/PoC_CVE-2025-0868\n\n3. CVE-2025-30208:\nVite Arbitrary File Read vulnerability\nhttps://github.com/jackieya/CVE-2025-30208", "creation_timestamp": "2025-04-01T06:29:39.000000Z"}, {"uuid": "30d8a73a-edb7-4c51-b84f-8d0bff52c88f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-0868.yaml", "content": "", "creation_timestamp": "2025-02-25T10:34:07.000000Z"}, {"uuid": "f86b0a9d-1f68-4c28-b16c-4454de5d41d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3limlaauq6h2y", "content": "", "creation_timestamp": "2025-02-20T15:12:13.846824Z"}, {"uuid": "ee2105fa-a41f-4dc9-93f8-685df09670aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "published-proof-of-concept", "source": "Telegram/L244JoNw57CRJMWCPi_ZRxUkTJoBnlOlWfCWqfHHeiICTHY", "content": "", "creation_timestamp": "2025-04-01T05:00:07.000000Z"}, {"uuid": "12189705-a2f9-4285-8d5b-d28b6cff66ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11994", "content": "#exploit\n1. CCleaner LPE Vulnerability on macOS\nhttps://blog.quarkslab.com/ccleaner_lpe_macos.html\n\n2. CVE-2025-0868:\nArbitrary Command Injection in DocsGPT\nhttps://github.com/shreyas-malhotra/PoC_CVE-2025-0868\n\n3. CVE-2025-30208:\nVite Arbitrary File Read vulnerability\nhttps://github.com/jackieya/CVE-2025-30208", "creation_timestamp": "2025-04-01T18:10:02.000000Z"}, {"uuid": "d8973018-c48d-4af1-ba50-982c1b06a866", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-21)", "content": "", "creation_timestamp": "2025-06-21T00:00:00.000000Z"}, {"uuid": "0a1d37cf-3ed5-4e7e-8c97-07332bc67405", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0868", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lrbs3rwsp32u", "content": "", "creation_timestamp": "2025-06-10T21:02:35.992847Z"}]}