{"vulnerability": "CVE-2025-2751", "sightings": [{"uuid": "0452cb6c-7657-4677-8711-03a1db3b6080", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27517", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3lk3cvq25i22p", "content": "", "creation_timestamp": "2025-03-11T05:18:20.740523Z"}, {"uuid": "cd702a2a-e7a6-41ee-a28d-417ec45f05c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27512", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lklphu7xkg2j", "content": "", "creation_timestamp": "2025-03-17T17:45:51.159376Z"}, {"uuid": "f73a047b-9849-44dc-b922-238930bca982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27517", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3ljz32azeus2i", "content": "", "creation_timestamp": "2025-03-10T07:52:24.218238Z"}, {"uuid": "946fe5fb-288e-4da1-93b8-ef0658ea009c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-27517", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3ljytjrg4y22g", "content": "", "creation_timestamp": "2025-03-10T05:37:51.462127Z"}, {"uuid": "070c5b35-1152-49ee-b39e-3b7b22ef4753", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27517", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3ljz7chipv22w", "content": "", "creation_timestamp": "2025-03-10T09:08:31.949801Z"}, {"uuid": "06213fd0-dd1a-4153-99dd-5e6958669ddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27517", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljts5jd2s22i", "content": "", "creation_timestamp": "2025-03-08T05:29:49.690689Z"}, {"uuid": "29fe3019-538a-402b-8812-ae9ab68de813", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27516", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljo5nltrws22", "content": "", "creation_timestamp": "2025-03-05T23:39:41.947280Z"}, {"uuid": "59639923-5027-4c95-88a3-c2eddc2c1665", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27517", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-16T01:45:14.000000Z"}, {"uuid": "7768a966-b215-4fa7-8271-6d8e2c3f541c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27512", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-12T13:33:28.000000Z"}, {"uuid": "32d4f37e-401a-4453-9806-e7d5257e3207", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27519", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-16T01:45:14.000000Z"}, {"uuid": "ec0a4145-8656-447a-8d15-0cb1f802a412", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27513", "type": "seen", "source": "MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3", "content": "", "creation_timestamp": "2025-08-19T02:47:48.000000Z"}, {"uuid": "7221c2e6-2d38-4465-86d3-3d16aed9653b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27513", "type": "seen", "source": "MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3", "content": "", "creation_timestamp": "2025-08-18T13:31:24.000000Z"}, {"uuid": "92b36c50-a50b-440c-ae35-0a7dfa3adbf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27517", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-19T04:06:33.000000Z"}, {"uuid": "14aceff8-9aa5-4d98-9a4a-14c6898e4ce0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-27516", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "95867c70-45f4-49fc-b6ae-aaf501bf3458", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27516", "type": "seen", "source": "MISP/fc16b923-3a13-4e9d-9aac-10a57cac12c7", "content": "", "creation_timestamp": "2025-08-18T18:30:59.000000Z"}, {"uuid": "35bee083-14e2-4161-8718-78536ed25274", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27510", "type": "seen", "source": "MISP/fc16b923-3a13-4e9d-9aac-10a57cac12c7", "content": "", "creation_timestamp": "2025-08-18T18:31:00.000000Z"}, {"uuid": "72a6bb0a-a738-491f-babe-6ff4d70b6656", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27519", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-19T04:06:36.000000Z"}, {"uuid": "1d8a8501-4b55-4750-869d-04c81dc1685a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27512", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-21T03:19:31.000000Z"}, {"uuid": "61f9d190-3ffd-4c55-8927-b1c9ff40051f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27519", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lx6f2o3fi42m", "content": "", "creation_timestamp": "2025-08-24T21:02:23.941495Z"}, {"uuid": "537b456f-ff18-4997-a7f2-c4fc3260895a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27516", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3m7nkfsgyu22o", "content": "", "creation_timestamp": "2025-12-10T17:09:34.792370Z"}, {"uuid": "a8e21fe1-2abc-4f8f-8efc-972a34b930c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27515", "type": "published-proof-of-concept", "source": "Telegram/vpx3YKOcAueFTTlBXmAmNxsIEwTkvSUeFD5DKiDa4uIA5wkK", "content": "", "creation_timestamp": "2025-09-11T08:57:04.000000Z"}, {"uuid": "1611d7ee-6738-4731-b1e3-dc80dd5b05c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27510", "type": "seen", "source": "https://t.me/cvedetector/19547", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27510 - Conda-Forge Metadata Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27510 \nPublished : March 4, 2025, 10:15 p.m. | 34\u00a0minutes ago \nDescription : conda-forge-metadata provides programatic access to conda-forge's metadata. conda-forge-metadata uses an optional dependency - \"conda-oci-mirror\" which was neither present on the PyPi repository nor registered by any entity. If conda-oci-mirror is taken over by a threat actor, it can result in remote code execution. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-05T00:12:40.000000Z"}, {"uuid": "e6d33f9b-c56a-448b-af93-05515982f10b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27515", "type": "published-proof-of-concept", "source": "Telegram/ORE3MMM_vpcFU2FjMQTGySfuaiwtBaT_1pbiZmi7UZCilEk", "content": "", "creation_timestamp": "2025-12-30T09:00:05.000000Z"}, {"uuid": "608e6890-a24d-456c-baf9-56bb9302e7e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27515", "type": "seen", "source": "Telegram/oK6YZ201yH3u36Ld86AIM6irgNnEFdkEpiqcu6eWwkf1L3w", "content": "", "creation_timestamp": "2025-09-11T08:57:05.000000Z"}, {"uuid": "cb7ebe65-b4fd-48a0-85ad-4f7f2a695596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27519", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/48659", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aPoC exploit for Below privilege escalation (CVE-2025-27591) allowing local root access via symlink manipulation in world-writable log directory.\nURL\uff1ahttps://github.com/Diabl0xE/CVE-2025-27519\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-08-22T12:34:40.000000Z"}, {"uuid": "71a6c5c2-8d43-4264-bb8b-d0147775c827", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27519", "type": "seen", "source": "https://t.me/cvedetector/19831", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27519 - TrueFoundry Cognita Remote Code Execution via Path Traversal\", \n  \"Content\": \"CVE ID : CVE-2025-27519 \nPublished : March 7, 2025, 4:15 p.m. | 58\u00a0minutes ago \nDescription : Cognita is a RAG (Retrieval Augmented Generation) Framework for building modular, open source applications for production by TrueFoundry. A path traversal issue exists at /v1/internal/upload-to-local-directory which is enabled when the Local env variable is set to true, such as when Cognita is setup using Docker. Because the docker environment sets up the backend uvicorn server with auto reload enabled, when an attacker overwrites the /app/backend/__init__.py file, the file will automatically be reloaded and executed. This allows an attacker to get remote code execution in the context of the Docker container. This vulnerability is fixed in commit a78bd065e05a1b30a53a3386cc02e08c317d2243. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-07T18:17:18.000000Z"}, {"uuid": "b8fe9453-c163-47c3-80e5-1d75b0263799", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27518", "type": "seen", "source": "https://t.me/cvedetector/19830", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27518 - TrueFoundry Cognita CORS Misconfiguration\", \n  \"Content\": \"CVE ID : CVE-2025-27518 \nPublished : March 7, 2025, 4:15 p.m. | 58\u00a0minutes ago \nDescription : Cognita is a RAG (Retrieval Augmented Generation) Framework for building modular, open source applications for production by TrueFoundry. An insecure CORS configuration in the Cognita backend server allows arbitrary websites to send cross site requests to the application. This vulnerability is fixed in commit 75079c3d3cf376381489b9a82ee46c69024e1a15. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-07T18:17:17.000000Z"}, {"uuid": "117c5530-1cbf-4d4b-825e-3a8309ac58ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27515", "type": "published-proof-of-concept", "source": "Telegram/zNiXDuAdWj1sUxxVU5JjhobD5YqZbFR_XafKNg2cvfA4J_I", "content": "", "creation_timestamp": "2025-09-10T09:39:11.000000Z"}, {"uuid": "19375e5a-c9a8-4735-83c5-a66bf338fa7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27510", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6454", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27510\n\ud83d\udd25 CVSS Score: 9.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: conda-forge-metadata provides programatic access to conda-forge's metadata. conda-forge-metadata uses an optional dependency - \"conda-oci-mirror\" which was neither present on the PyPi repository nor registered by any entity. If conda-oci-mirror is taken over by a threat actor, it can result in remote code execution.\n\ud83d\udccf Published: 2025-03-04T21:48:12.688Z\n\ud83d\udccf Modified: 2025-03-04T21:48:12.688Z\n\ud83d\udd17 References:\n1. https://github.com/conda-forge/conda-forge-metadata/security/advisories/GHSA-vwfh-m3q7-9jpw\n2. https://github.com/conda-forge/conda-forge-metadata/blob/799aee36b21ee06289d73d57838b28201f5a57af/pyproject.toml#L28", "creation_timestamp": "2025-03-04T22:33:26.000000Z"}, {"uuid": "78f3bd4f-0402-4a9c-a4eb-911dd3637490", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27513", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6584", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27513\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: OpenTelemetry dotnet is a dotnet telemetry framework. A vulnerability in OpenTelemetry.Api package 1.10.0 to 1.11.1 could cause a Denial of Service (DoS) when a tracestate and traceparent header is received. Even if an application does not explicitly use trace context propagation, receiving these headers can still trigger high CPU usage. This issue impacts any application accessible over the web or backend services that process HTTP requests containing a tracestate header. Application may experience excessive resource consumption, leading to increased latency, degraded performance, or downtime. This vulnerability is fixed in 1.11.2.\n\ud83d\udccf Published: 2025-03-05T18:12:25.867Z\n\ud83d\udccf Modified: 2025-03-05T18:19:02.492Z\n\ud83d\udd17 References:\n1. https://github.com/open-telemetry/opentelemetry-dotnet/security/advisories/GHSA-8785-wc3w-h8q6\n2. https://github.com/open-telemetry/opentelemetry-dotnet/commit/1b555c1201413f2f55f2cd3c4ba03ef4b615b6b5", "creation_timestamp": "2025-03-05T18:55:30.000000Z"}, {"uuid": "b4ac097f-db44-43b8-a7ac-27d00e651936", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27519", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6901", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27519\n\ud83d\udd25 CVSS Score: 9.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Cognita is a RAG (Retrieval Augmented Generation) Framework for building modular, open source applications for production by TrueFoundry. A path traversal issue exists at /v1/internal/upload-to-local-directory which is enabled when the Local env variable is set to true, such as when Cognita is setup using Docker. Because the docker environment sets up the backend uvicorn server with auto reload enabled, when an attacker overwrites the /app/backend/__init__.py file, the file will automatically be reloaded and executed. This allows an attacker to get remote code execution in the context of the Docker container. This vulnerability is fixed in commit a78bd065e05a1b30a53a3386cc02e08c317d2243.\n\ud83d\udccf Published: 2025-03-07T15:36:34.819Z\n\ud83d\udccf Modified: 2025-03-07T21:48:51.891Z\n\ud83d\udd17 References:\n1. https://securitylab.github.com/advisories/GHSL-2024-193_GHSL-2024-194_Cognita/\n2. https://github.com/truefoundry/cognita/pull/393\n3. https://github.com/truefoundry/cognita/commit/a78bd065e05a1b30a53a3386cc02e08c317d2243", "creation_timestamp": "2025-03-07T22:35:52.000000Z"}, {"uuid": "3978e09a-0efe-4076-bd3b-3fc09bac4541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27518", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6900", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27518\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N)\n\ud83d\udd39 Description: Cognita is a RAG (Retrieval Augmented Generation) Framework for building modular, open source applications for production by TrueFoundry. An insecure CORS configuration in the Cognita backend server allows arbitrary websites to send cross site requests to the application. This vulnerability is fixed in commit 75079c3d3cf376381489b9a82ee46c69024e1a15.\n\ud83d\udccf Published: 2025-03-07T15:36:48.366Z\n\ud83d\udccf Modified: 2025-03-07T21:49:40.505Z\n\ud83d\udd17 References:\n1. https://securitylab.github.com/advisories/GHSL-2024-193_GHSL-2024-194_Cognita/\n2. https://github.com/truefoundry/cognita/pull/424\n3. https://github.com/truefoundry/cognita/commit/75079c3d3cf376381489b9a82ee46c69024e1a15", "creation_timestamp": "2025-03-07T22:35:48.000000Z"}, {"uuid": "bc0b3a8e-1fe6-4d56-9033-28e8d76a3551", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27516", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14211", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27516\n\ud83d\udd25 CVSS Score: 5.4 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to use the |attr filter to get a reference to a string's plain format method, bypassing the sandbox. After the fix, the |attr filter no longer bypasses the environment's attribute lookup. This vulnerability is fixed in 3.1.6.\n\ud83d\udccf Published: 2025-03-05T20:40:06.568Z\n\ud83d\udccf Modified: 2025-05-01T00:13:00.395Z\n\ud83d\udd17 References:\n1. https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\n2. https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403", "creation_timestamp": "2025-05-01T01:13:33.000000Z"}, {"uuid": "ac55ebb5-46df-4226-9a58-71062c68e1aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2751", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8626", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2751\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation of the argument na leads to out-of-bounds read. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-25T07:31:05.393Z\n\ud83d\udccf Modified: 2025-03-25T07:31:05.393Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.300856\n2. https://vuldb.com/?ctiid.300856\n3. https://vuldb.com/?submit.517785\n4. https://github.com/assimp/assimp/issues/6012\n5. https://github.com/assimp/assimp/issues/6012#issue-2877369817", "creation_timestamp": "2025-03-25T08:23:37.000000Z"}, {"uuid": "04eeb96b-2b5f-477b-807b-4f46b48a705d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27515", "type": "seen", "source": "Telegram/njw-SNmCnbbXLCSpNl5uy3bNGXnaRITwKMK2nK-7tXRcVmk", "content": "", "creation_timestamp": "2025-09-10T00:16:42.000000Z"}, {"uuid": "2521ca4d-440d-47f0-a033-a7ae70f810d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27515", "type": "seen", "source": "Telegram/bwVzUQfKSxu5nCl33CD_LUzO1KudwUst0NGX-dgwqjNGVZk", "content": "", "creation_timestamp": "2025-09-10T11:52:35.000000Z"}, {"uuid": "2569e44b-b93d-46bf-975c-2e0270459bdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27515", "type": "published-proof-of-concept", "source": "Telegram/t1LhqdJOG1EFy6jlM73bhz_qlF1T-sLBuRLYxQFOHpc1fDqB", "content": "", "creation_timestamp": "2025-09-10T09:39:10.000000Z"}, {"uuid": "0979b05d-2c1b-4911-87d7-ef4bcfcc784e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27515", "type": "seen", "source": "Telegram/qnVR2SX41ef1kt-yWW971_--D-c1QbD0TjF0HQIOIn_BSoof", "content": "", "creation_timestamp": "2025-09-10T11:52:34.000000Z"}, {"uuid": "caf045f2-6614-4bf2-8160-73079c1301ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27515", "type": "seen", "source": "Telegram/Ej67y3-U2qHOzlICcSBmxU5ToM5GicFe3MyQPrVdZemdOpk", "content": "", "creation_timestamp": "2025-09-11T00:11:52.000000Z"}, {"uuid": "24d0402f-91ef-4efd-ad5b-02e6593aa306", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27515", "type": "published-proof-of-concept", "source": "Telegram/lVThFqOS_-THLS2nDZbOqeID9ULvGm_dMtchXCk4uxGtisKK", "content": "", "creation_timestamp": "2025-09-10T00:16:41.000000Z"}, {"uuid": "933f0f39-6cbd-454f-af6f-8ef351a427d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27519", "type": "published-proof-of-concept", "source": "Telegram/YV3DzczepKMR7yX0myz2JF3364L5RRSBkaP7xNBo9eCoSic", "content": "", "creation_timestamp": "2025-08-22T15:00:05.000000Z"}, {"uuid": "28c1ad6d-31f8-41f1-bbfa-299cfb26a141", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27519", "type": "published-proof-of-concept", "source": "Telegram/EGOUJD2a37DEvGpdSqtSHRzspBjiMe3SU1ygXi4t4agUL80", "content": "", "creation_timestamp": "2025-08-24T07:00:08.000000Z"}, {"uuid": "99250444-0732-46c3-8f09-dc46977967e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27515", "type": "seen", "source": "Telegram/yPqQ91miaB-2D89EM1FeuaCQM9WzAEZThEuC_Ossz7SbN555", "content": "", "creation_timestamp": "2025-09-11T00:11:51.000000Z"}, {"uuid": "ecfd86f7-2038-4e3a-ae5a-f7b900041899", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27512", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/20474", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27512 - Fedora CoreOS Zincati Polkit Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2025-27512 \nPublished : March 17, 2025, 3:15 p.m. | 33\u00a0minutes ago \nDescription : Zincati is an auto-update agent for Fedora CoreOS hosts. Zincati ships a polkit rule which allows the `zincati` system user to use the actions `org.projectatomic.rpmostree1.deploy` to deploy updates to the system and `org.projectatomic.rpmostree1.finalize-deployment` to reboot the system into the deployed update. Since Zincati v0.0.24, this polkit rule contains a logic error which broadens access of those polkit actions to any unprivileged user rather than just the `zincati` system user. In practice, this means that any unprivileged user with access to the system D-Bus socket is able to deploy older Fedora CoreOS versions (which may have other known vulnerabilities). Note that rpm-ostree enforces that the selected version must be from the same branch the system is currently on so this cannot directly be used to deploy an attacker-controlled update payload. This primarily impacts users running untrusted workloads with access to the system D-Bus socket. Note that in general, untrusted workloads should not be given this access, whether containerized or not. By default, containers do not have access to the system D-Bus socket. The logic error is fixed in Zincati v0.0.30. A workaround is to manually add a following polkit rule, instructions for which are available in the GitHub Security Advisory. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T17:28:05.000000Z"}, {"uuid": "e0cbc615-558b-4337-bcbb-0637316d6706", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27519", "type": "seen", "source": "Telegram/fwDL3VQ5yUZM-k_IxariZXYTJP8m3JO79CP3ShKuMh_W04Yy", "content": "", "creation_timestamp": "2025-03-08T04:35:51.000000Z"}, {"uuid": "26b23f81-9311-47fa-94e5-bb88d9c26439", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2751", "type": "seen", "source": "https://t.me/cvedetector/21080", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2751 - Open Asset Import Library Assimp CSM File Handler Out-of-Bounds Read Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2751 \nPublished : March 25, 2025, 8:15 a.m. | 1\u00a0hour, 33\u00a0minutes ago \nDescription : A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation of the argument na leads to out-of-bounds read. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T11:08:07.000000Z"}, {"uuid": "9b28286f-eed8-4011-9ad8-73ba2d60bc7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27516", "type": "seen", "source": "https://t.me/cvedetector/19664", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27516 - Jinja Template Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27516 \nPublished : March 5, 2025, 9:15 p.m. | 2\u00a0hours, 22\u00a0minutes ago \nDescription : Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to use the |attr filter to get a reference to a string's plain format method, bypassing the sandbox. After the fix, the |attr filter no longer bypasses the environment's attribute lookup. This vulnerability is fixed in 3.1.6. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-06T01:18:22.000000Z"}, {"uuid": "5ef86945-7d0d-4f0c-9091-ef0d9bc36ec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27515", "type": "seen", "source": "https://t.me/cvedetector/19655", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27515 - Laravel Wildcard Validation Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-27515 \nPublished : March 5, 2025, 7:15 p.m. | 2\u00a0hours, 13\u00a0minutes ago \nDescription : Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a user-crafted malicious request could potentially bypass the validation rules. This vulnerability is fixed in 11.44.1 and 12.1.1. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-05T22:47:44.000000Z"}, {"uuid": "e86ea344-251f-4302-8ccf-2e1cfaff571c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27513", "type": "seen", "source": "https://t.me/cvedetector/19654", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27513 - OpenTelemetry DoS Header Processing\", \n  \"Content\": \"CVE ID : CVE-2025-27513 \nPublished : March 5, 2025, 7:15 p.m. | 2\u00a0hours, 13\u00a0minutes ago \nDescription : OpenTelemetry dotnet is a dotnet telemetry framework. A vulnerability in OpenTelemetry.Api package 1.10.0 to 1.11.1 could cause a Denial of Service (DoS) when a tracestate and traceparent header is received. Even if an application does not explicitly use trace context propagation, receiving these headers can still trigger high CPU usage. This issue impacts any application accessible over the web or backend services that process HTTP requests containing a tracestate header. Application may experience excessive resource consumption, leading to increased latency, degraded performance, or downtime. This vulnerability is fixed in 1.11.2. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-05T22:47:43.000000Z"}, {"uuid": "b7f6206c-c1ca-48be-8a6c-a8fdcb1f03de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27517", "type": "seen", "source": "https://t.me/cvedetector/19652", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27517 - \"Volt Livewire Remote Code Execution Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-27517 \nPublished : March 5, 2025, 8:16 p.m. | 1\u00a0hour, 12\u00a0minutes ago \nDescription : Volt is an elegantly crafted functional API for Livewire. Malicious, user-crafted request payloads could potentially lead to remote code execution within Volt components. This vulnerability is fixed in 1.7.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-05T22:47:42.000000Z"}, {"uuid": "d2d1f42d-216a-46c7-a091-f262256286d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27518", "type": "seen", "source": "Telegram/6dZxXuLv-IgV5giZ8ai7Br2Q-GAO7pWWAKqj-9hZGh35uxQ0", "content": "", "creation_timestamp": "2025-03-08T04:35:51.000000Z"}, {"uuid": "7ae10675-cfbd-402f-9b89-bf891f865170", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27510", "type": "published-proof-of-concept", "source": "Telegram/kKmhqMAO0G41xSuzHMEpIuMySOUPwocgu6rbuAMEaHx4Gt4", "content": "", "creation_timestamp": "2025-03-04T23:30:46.000000Z"}, {"uuid": "7ba02055-970a-4358-b5c3-d8c1aaa8e3b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27517", "type": "seen", "source": "https://t.me/CyberBulletin/2553", "content": "\u26a11.08M Downloads at Risk: Volt Fixes Severe RCE Vulnerability (CVE-2025-27517).\n\n#CyberBulletin", "creation_timestamp": "2025-03-10T14:45:04.000000Z"}, {"uuid": "e6375f96-b2c9-490a-9867-65f34406bad0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27519", "type": "seen", "source": "Telegram/GvPZHyEbeVxrI-_IlIz9tH0tmbQ0NIgaQyLb0r6ME-4MX0o", "content": "", "creation_timestamp": "2025-03-07T17:01:02.000000Z"}]}