{"vulnerability": "CVE-2025-1540", "sightings": [{"uuid": "b967de1b-85cb-4fcb-ae20-479476a9d8b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1540", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6659", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1540\n\ud83d\udd25 CVSS Score: 3.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: An issue has been discovered in GitLab CE/EE for Self-Managed and Dedicated instances affecting all versions from 17.5 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2. It was possible for a user added as an External to read and clone internal projects under certain circumstances.\"\n\ud83d\udccf Published: 2025-03-06T08:31:07.791Z\n\ud83d\udccf Modified: 2025-03-06T08:31:07.791Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/512765\n2. https://about.gitlab.com/releases/2025/02/12/patch-release-gitlab-17-8-2-released/#saml-authentication-misconfigures-external-user-attribute", "creation_timestamp": "2025-03-06T09:37:53.000000Z"}, {"uuid": "a003c8be-68c0-43b0-bad3-2cec452de8d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15403", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mclq36xubl2i", "content": "", "creation_timestamp": "2026-01-17T04:01:15.352261Z"}, {"uuid": "b60a0ac5-dad1-4e86-8fff-28c064c279dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15403", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mclqkpjozl2h", "content": "", "creation_timestamp": "2026-01-17T04:09:55.541917Z"}, {"uuid": "aa3309a1-cf05-4510-8d4d-b1614505ec70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1540", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljp77japzm2o", "content": "", "creation_timestamp": "2025-03-06T09:40:14.992987Z"}, {"uuid": "a9544bb5-04a2-41ea-8d18-b87592b9a129", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15404", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mbelngc4uq2e", "content": "", "creation_timestamp": "2026-01-01T14:28:08.225218Z"}, {"uuid": "6baf2fef-1d6b-47cd-909d-8f771b46dbb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15407", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mbez2vrux42y", "content": "", "creation_timestamp": "2026-01-01T18:28:19.202301Z"}, {"uuid": "ce3702b7-85c3-4d31-b1f8-ad6678e6f406", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15408", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mbez6ik6r32u", "content": "", "creation_timestamp": "2026-01-01T18:30:19.372743Z"}, {"uuid": "8b1408e7-60ad-4588-96ed-6f2effd6de13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15406", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mbf3nevlwr2y", "content": "", "creation_timestamp": "2026-01-01T19:14:26.510417Z"}, {"uuid": "e126e328-5d63-40b6-a769-662130a12518", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15405", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mbf3wdcpcd2o", "content": "", "creation_timestamp": "2026-01-01T19:19:26.833286Z"}, {"uuid": "caddc59c-b4e3-40c7-a61d-d571b25f7c92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15406", "type": "published-proof-of-concept", "source": "Telegram/xCydJOaZlf8MlIebkeB8NCAUqKbjQ7jZ0mNWvn9t_C1vBEg", "content": "", "creation_timestamp": "2026-01-01T21:00:06.000000Z"}, {"uuid": "1b74fea1-a8f8-4d07-9892-811333a3ef51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1540", "type": "seen", "source": "Telegram/dCBlXJynWGNff457vBpGpGGASxl-yHYYarQixY7W8ulAf7xB", "content": "", "creation_timestamp": "2025-03-08T04:34:09.000000Z"}, {"uuid": "4c108b7d-e2be-4ae8-a9fe-c3cc2e1eb181", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15407", "type": "published-proof-of-concept", "source": "Telegram/Q9VzAM0v6yZtgQhp9Nujnyl5McYj-6aRRdeEhfuUdhrukyQ", "content": "", "creation_timestamp": "2026-01-02T21:54:16.000000Z"}, {"uuid": "c17c9dc8-5092-453d-adae-3644aceafa3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15404", "type": "published-proof-of-concept", "source": "Telegram/sF16qz9SaU_DSadNVLgSgh1syTWV3sUsgubpOk2fuZWjrWs", "content": "", "creation_timestamp": "2026-01-02T18:51:49.000000Z"}, {"uuid": "0f703c0b-f1a5-4ed9-a7c8-37cae9bd7d2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15406", "type": "seen", "source": "Telegram/W5TN0cicaU2jBrJWqqNsq1vVFaP23IzBfdE6nX--xWy0x0g", "content": "", "creation_timestamp": "2026-01-02T18:52:14.000000Z"}, {"uuid": "50804ac4-bd73-4630-87ec-f750b9e0028e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15407", "type": "published-proof-of-concept", "source": "Telegram/frMBNFr4dxsb7OolQ--BQHkgd4kUrm0gGJMdqCQX5AgtUdY", "content": "", "creation_timestamp": "2026-01-02T18:52:25.000000Z"}, {"uuid": "e986b51a-4e25-4799-8ff8-f4871793fb68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15408", "type": "published-proof-of-concept", "source": "Telegram/frMBNFr4dxsb7OolQ--BQHkgd4kUrm0gGJMdqCQX5AgtUdY", "content": "", "creation_timestamp": "2026-01-02T18:52:25.000000Z"}, {"uuid": "66bb0c32-bb37-4c35-88ad-19fae7a3f704", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15408", "type": "published-proof-of-concept", "source": "Telegram/Q9VzAM0v6yZtgQhp9Nujnyl5McYj-6aRRdeEhfuUdhrukyQ", "content": "", "creation_timestamp": "2026-01-02T21:54:16.000000Z"}, {"uuid": "7a1c28aa-8217-49ab-88ea-00d8b59a395e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15409", "type": "published-proof-of-concept", "source": "Telegram/d-ziUJquW87C-wxQ1bihwuEueQX9ENOtUxcvU39erDutk3U", "content": "", "creation_timestamp": "2026-01-02T21:54:27.000000Z"}, {"uuid": "356a5b36-5343-478b-8d0b-b80f7e66fb9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15409", "type": "seen", "source": "Telegram/3f3-cwfXIykKmhboQeDZ-9JfvsVfmMtyX9y0DYWKgM6OqHA", "content": "", "creation_timestamp": "2026-01-02T18:52:46.000000Z"}, {"uuid": "8d829814-d058-4319-944a-efef85a1afdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15403", "type": "published-proof-of-concept", "source": "Telegram/J1TSaArQ0ScFY239N-pEajUhnEKmxSQcewj6uEimw6KDWT0", "content": "", "creation_timestamp": "2026-04-18T23:00:13.000000Z"}, {"uuid": "c375d5f4-b6c9-47ba-b601-002fb184d187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15403", "type": "published-proof-of-concept", "source": "Telegram/fUN7x3zhWJI41Y9qvAix9-DSu_CPZFxW-u6Jn34L6Wbqg7U", "content": "", "creation_timestamp": "2026-04-19T03:00:05.000000Z"}, {"uuid": "8f892a00-82a8-4d46-b24b-7cc57faa9d0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1540", "type": "seen", "source": "https://t.me/cvedetector/19690", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-1540 - GitLab External User Project Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-1540 \nPublished : March 6, 2025, 9:15 a.m. | 46\u00a0minutes ago \nDescription : An issue has been discovered in GitLab CE/EE for Self-Managed and Dedicated instances affecting all versions from 17.5 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2. It was possible for a user added as an External to read and clone internal projects under certain circumstances.\" \nSeverity: 3.1 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-06T11:20:04.000000Z"}]}