{"vulnerability": "cve-2025-3804", "sightings": [{"uuid": "62b23c70-a22c-4f00-aea3-e4c9e318215c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38045", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "3c62c9d2-14df-4724-9e58-51477c23528a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38048", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "cf1a806f-1a67-4f74-bedd-3ed69b1911e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38041", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "2a0aa2d6-048c-4f47-acce-2db9f9a73bc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38040", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "aaae0ba8-4e29-4c6c-b41a-b77bf10b40a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38046", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3lruw4bg6jda2", "content": "", "creation_timestamp": "2025-06-18T11:35:03.464507Z"}, {"uuid": "86c6ad61-ee09-4582-b953-18b6b7b3ae80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3804", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ln6lf2ixbb2r", "content": "", "creation_timestamp": "2025-04-19T16:43:36.723740Z"}, {"uuid": "850c81fc-09f7-4cd8-8d84-4b132a6d5530", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38040", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "ad0d1c0b-7937-463e-b3b3-fb29dcd2ec50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38041", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "c3116056-e6a6-46ba-8a0c-5295ef9f7b55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38042", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "feb6973d-5478-4cd0-91eb-fb387f0533d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38045", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "73e55b9a-1ee9-4b22-9403-6c3927931723", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38047", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "0ec95ee5-17be-4ddf-a87d-7b415a343ffa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38049", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12405", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-38049\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nx86/resctrl: Fix allocation of cleanest CLOSID on platforms with no monitors\n\nCommit\n\n  6eac36bb9eb0 (\"x86/resctrl: Allocate the cleanest CLOSID by searching closid_num_dirty_rmid\")\n\nadded logic that causes resctrl to search for the CLOSID with the fewest dirty\ncache lines when creating a new control group, if requested by the arch code.\nThis depends on the values read from the llc_occupancy counters. The logic is\napplicable to architectures where the CLOSID effectively forms part of the\nmonitoring identifier and so do not allow complete freedom to choose an unused\nmonitoring identifier for a given CLOSID.\n\nThis support missed that some platforms may not have these counters.  This\ncauses a NULL pointer dereference when creating a new control group as the\narray was not allocated by dom_data_init().\n\nAs this feature isn't necessary on platforms that don't have cache occupancy\nmonitors, add this to the check that occurs when a new control group is\nallocated.\n\ud83d\udccf Published: 2025-04-18T07:01:30.421Z\n\ud83d\udccf Modified: 2025-04-18T07:01:30.421Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/a8a1bcc27d4607227088d80483164289b5348293\n2. https://git.kernel.org/stable/c/ed5addb55e403ad6598102bcf546e068ae01fef6\n3. https://git.kernel.org/stable/c/93a418fc61da13d1ee4047d4d1327990f7a2816a\n4. https://git.kernel.org/stable/c/a121798ae669351ec0697c94f71c3a692b2a755b", "creation_timestamp": "2025-04-18T07:59:21.000000Z"}, {"uuid": "092ad8b9-0ab7-4522-8ff8-9a9130e74e18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38043", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18846", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-38043\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_ffa: Set dma_mask for ffa devices\n\nSet dma_mask for FFA devices, otherwise DMA allocation using the device pointer\nlead to following warning:\n\nWARNING: CPU: 1 PID: 1 at kernel/dma/mapping.c:597 dma_alloc_attrs+0xe0/0x124\n\ud83d\udccf Published: 2025-06-18T09:33:27.994Z\n\ud83d\udccf Modified: 2025-06-19T13:11:02.372Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/97bab02f0b64ba6bcdf6a8fae561db07f509aee9\n2. https://git.kernel.org/stable/c/c6aa1d6bd6ccff4ecdf064d288817657ec8532f0\n3. https://git.kernel.org/stable/c/e2de76c34a8a925efe80fccae4810427bc144ed0\n4. https://git.kernel.org/stable/c/3a3efeef64364c2a028cf0d03d68c831813a97fd\n5. https://git.kernel.org/stable/c/2e62c803feec1ef5847d8fa47dd0de039abfa378\n6. https://git.kernel.org/stable/c/cc0aac7ca17e0ea3ca84b552fc79f3e86fd07f53", "creation_timestamp": "2025-06-19T13:39:35.000000Z"}, {"uuid": "1d72b306-9c0a-44b0-84f5-31469a7ed877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-38046", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lruw43asmw2n", "content": "", "creation_timestamp": "2025-06-18T11:34:47.031034Z"}, {"uuid": "5c39e869-44bf-4256-a55a-0e4205fe6935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3804", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12585", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3804\n\ud83d\udd25 CVSS Score: 4.8 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as critical has been found in thautwarm vscode-diana 0.0.1. Affected is an unknown function of the file Gen.py of the component Jinja2 Template Handler. The manipulation leads to injection. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-19T15:31:04.195Z\n\ud83d\udccf Modified: 2025-04-19T15:31:04.195Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.305658\n2. https://vuldb.com/?ctiid.305658\n3. https://vuldb.com/?submit.554779\n4. https://github.com/thautwarm/vscode-diana/issues/1\n5. https://github.com/thautwarm/vscode-diana/issues/1#issue-2982880456", "creation_timestamp": "2025-04-19T16:02:35.000000Z"}, {"uuid": "dd46c2c8-e4ea-4c66-a1c9-5bc846268930", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3804", "type": "seen", "source": "https://t.me/cvedetector/23385", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3804 - Thautwarm VSCode-Diana Jinja2 Template Handler Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3804 \nPublished : April 19, 2025, 4:15 p.m. | 40\u00a0minutes ago \nDescription : A vulnerability classified as critical has been found in thautwarm vscode-diana 0.0.1. Affected is an unknown function of the file Gen.py of the component Jinja2 Template Handler. The manipulation leads to injection. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-19T19:19:35.000000Z"}]}