{"vulnerability": "CVE-2025-2722", "sightings": [{"uuid": "48f27754-fe19-4ae6-baea-53566bd60da8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27225", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-27225.yaml", "content": "", "creation_timestamp": "2025-10-01T18:53:17.000000Z"}, {"uuid": "d4a12134-c0c4-4cae-af30-5cfed58475a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27223", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-27223.yaml", "content": "", "creation_timestamp": "2025-10-01T18:49:45.000000Z"}, {"uuid": "098ae839-d22b-49f0-84db-4394fa1a9ddd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27223", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m2ahapki2u26", "content": "", "creation_timestamp": "2025-10-02T21:02:26.312367Z"}, {"uuid": "809d4fe0-d065-41e9-bc65-28abb40c02c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27225", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m2ahapnans2g", "content": "", "creation_timestamp": "2025-10-02T21:02:26.871249Z"}, {"uuid": "7bc73ee6-bcca-4ebe-81a0-f3ff824aadcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27222", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-27222.yaml", "content": "", "creation_timestamp": "2025-10-01T18:48:20.000000Z"}, {"uuid": "68196550-3599-4501-9010-50392c4e9dd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27222", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m2fi6hbyqx2n", "content": "", "creation_timestamp": "2025-10-04T21:02:22.874517Z"}, {"uuid": "479c7be5-925a-4523-a137-6b2586e3c80d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27223", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m3iophmuvp26", "content": "", "creation_timestamp": "2025-10-18T21:02:32.149861Z"}, {"uuid": "ee1682fe-305c-4387-b499-c679aa89e129", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2722", "type": "seen", "source": "https://t.me/cvedetector/21015", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2722 - GNOME libgsf Heap-Based Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2722 \nPublished : March 25, 2025, 1:15 a.m. | 15\u00a0minutes ago \nDescription : A vulnerability was found in GNOME libgsf up to 1.14.53. It has been declared as critical. This vulnerability affects the function gsf_prop_settings_collect_va. The manipulation of the argument n_alloced_params leads to heap-based buffer overflow. Local access is required to approach this attack. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T02:46:02.000000Z"}, {"uuid": "bef7c2e8-4c6d-48ad-b6b3-ef9ec3346c04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27221", "type": "seen", "source": "https://gist.github.com/Darkcrai86/80137e2035551f24fb93907ce037aa12", "content": "", "creation_timestamp": "2025-10-07T12:02:42.000000Z"}, {"uuid": "36ef4032-1444-48e5-8fcc-eb2b842d7ba7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27222", "type": "seen", "source": "https://bsky.app/profile/rcesecurity.com/post/3m22ui2mis22w", "content": "", "creation_timestamp": "2025-09-30T15:43:13.637429Z"}, {"uuid": "20e7fbbd-ca84-4a41-887e-5bfca4e47d0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27225", "type": "seen", "source": "https://bsky.app/profile/rcesecurity.com/post/3m22ui2mis22w", "content": "", "creation_timestamp": "2025-09-30T15:43:13.738077Z"}, {"uuid": "6a636e45-74ed-43d4-9ae6-ac4f647bfc67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27221", "type": "seen", "source": "https://gist.github.com/alon710/33fe0b0b1e3c2651e23884a671bd8257", "content": "", "creation_timestamp": "2026-01-24T22:44:10.000000Z"}, {"uuid": "feb45c14-8749-47b1-b5af-0c52a9630701", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27220", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6301", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27220\n\ud83d\udd25 CVSS Score: 4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L)\n\ud83d\udd39 Description: In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method.\n\ud83d\udccf Published: 2025-03-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T23:46:21.977Z\n\ud83d\udd17 References:\n1. https://hackerone.com/reports/2890322\n2. https://github.com/rubysec/ruby-advisory-db/blob/master/gems/cgi/CVE-2025-27220.yml", "creation_timestamp": "2025-03-04T00:31:06.000000Z"}, {"uuid": "dae6b352-e9cb-437e-a2c6-f2936a42e8cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27221", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6300", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27221\n\ud83d\udd25 CVSS Score: 3.2 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\ud83d\udd39 Description: In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host.\n\ud83d\udccf Published: 2025-03-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T23:58:48.831Z\n\ud83d\udd17 References:\n1. https://hackerone.com/reports/2957667\n2. https://github.com/rubysec/ruby-advisory-db/blob/master/gems/uri/CVE-2025-27221.yml", "creation_timestamp": "2025-03-04T00:31:05.000000Z"}, {"uuid": "2ef279ac-9492-48ab-a8ee-4baa38a2ebce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27221", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljjhmnqz2e2s", "content": "", "creation_timestamp": "2025-03-04T02:54:46.817194Z"}, {"uuid": "752afc46-e1e2-474f-93a6-36f0e08acfe1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27225", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m473dhqctu2p", "content": "", "creation_timestamp": "2025-10-27T18:46:57.372151Z"}, {"uuid": "5eb752b0-59a4-4ea3-88df-b19cf161e0ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27224", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m473jc2hwf23", "content": "", "creation_timestamp": "2025-10-27T18:50:12.924171Z"}, {"uuid": "87f57852-a6a0-4f99-b64e-975606dfec6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27222", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m47fl2gdfg2p", "content": "", "creation_timestamp": "2025-10-27T21:50:09.436531Z"}, {"uuid": "956eb19e-e197-4620-b8bd-0eea3f0c1378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27221", "type": "seen", "source": "https://bsky.app/profile/euvd-bot.bsky.social/post/3mbadzrajcr2e", "content": "", "creation_timestamp": "2025-12-30T22:01:13.326969Z"}, {"uuid": "798f66d5-76e8-4a10-98de-10ece97a7290", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27220", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0315/", "content": "", "creation_timestamp": "2026-03-18T00:00:00.000000Z"}, {"uuid": "e407a88b-5b8a-4cd6-9648-52da152233e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27220", "type": "seen", "source": "https://t.me/cvedetector/19431", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27220 - Apache CGI Regular Expression Denial of Service (ReDoS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27220 \nPublished : March 4, 2025, 12:15 a.m. | 18\u00a0minutes ago \nDescription : In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method. \nSeverity: 4.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-04T01:36:53.000000Z"}, {"uuid": "320035ec-0252-4078-bac3-68c442677503", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27221", "type": "seen", "source": "https://t.me/cvedetector/19434", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27221 - \"URI Gem Authentication Credential Leakage Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-27221 \nPublished : March 4, 2025, 12:15 a.m. | 18\u00a0minutes ago \nDescription : In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host. \nSeverity: 3.2 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-04T01:36:55.000000Z"}, {"uuid": "ddd505e1-9543-4b17-8cf0-0f8b9f3e2694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2722", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8579", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2722\n\ud83d\udd25 CVSS Score: 4.8 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in GNOME libgsf up to 1.14.53. It has been declared as critical. This vulnerability affects the function gsf_prop_settings_collect_va. The manipulation of the argument n_alloced_params leads to heap-based buffer overflow. Local access is required to approach this attack. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-03-25T00:31:03.859Z\n\ud83d\udccf Modified: 2025-03-25T00:31:03.859Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.300742\n2. https://vuldb.com/?ctiid.300742\n3. https://vuldb.com/?submit.520182\n4. https://www.gnome.org/", "creation_timestamp": "2025-03-25T01:24:08.000000Z"}, {"uuid": "c76e412b-bbba-4afc-a15c-a894336ad2b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27220", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljjhmoeg7624", "content": "", "creation_timestamp": "2025-03-04T02:54:48.654021Z"}]}