{"vulnerability": "CVE-2025-2760", "sightings": [{"uuid": "e23697c5-d4ac-4240-b2cf-18ac1d812b1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27607", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3ljwvly6g3s2z", "content": "", "creation_timestamp": "2025-03-09T11:09:42.921193Z"}, {"uuid": "492b53fa-3258-4a7a-9296-ac529b718684", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27603", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114122406631526554", "content": "", "creation_timestamp": "2025-03-07T17:48:55.730583Z"}, {"uuid": "8715a0d6-d1b4-45b2-8a5c-59b243210d0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27607", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljso53quqr2s", "content": "", "creation_timestamp": "2025-03-07T18:45:18.466940Z"}, {"uuid": "400eb268-8399-42b5-b632-70c2d4be52a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27607", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114122877373392807", "content": "", "creation_timestamp": "2025-03-07T19:48:34.079932Z"}, {"uuid": "df87c483-7235-406b-93a6-0e682e407757", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27607", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3ljxnvrgwlf2n", "content": "", "creation_timestamp": "2025-03-09T18:24:31.534000Z"}, {"uuid": "acd45df7-7cc2-4ff4-a748-5e7b647d499b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27603", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljso547mhy2s", "content": "", "creation_timestamp": "2025-03-07T18:45:19.281129Z"}, {"uuid": "fe90fc53-cd44-4139-970c-4662cbc9b31e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27607", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3ljysfavsc22g", "content": "", "creation_timestamp": "2025-03-10T05:17:26.177016Z"}, {"uuid": "b35c556c-4e41-40f3-813d-c4f48e0ab8b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27603", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3ljuhxhuidl2x", "content": "", "creation_timestamp": "2025-03-08T12:00:08.631435Z"}, {"uuid": "5fa64afd-4ff8-43ca-ba99-4e42c5af28c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27603", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3ljt7pzl7ba2s", "content": "", "creation_timestamp": "2025-03-08T00:00:11.869031Z"}, {"uuid": "89eab84a-1a77-45d5-aaf8-98f75d4cea0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-27607", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3ljyt774nws2g", "content": "", "creation_timestamp": "2025-03-10T05:31:56.542815Z"}, {"uuid": "f34d15a8-46d2-44cc-917e-d73a62aec3cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2760", "type": "seen", "source": "https://bsky.app/profile/teemutiainen.bsky.social/post/3lqmebk3j3g2x", "content": "", "creation_timestamp": "2025-06-02T08:29:13.966015Z"}, {"uuid": "fb81f298-c02b-4823-86ff-982c102d8c2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27607", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3ljwrvvf7lc2l", "content": "", "creation_timestamp": "2025-03-09T10:03:34.520769Z"}, {"uuid": "9e2425d7-f096-4159-8740-d38c0acbc07e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27607", "type": "seen", "source": "https://bsky.app/profile/kaldata.bsky.social/post/3lk2eov7p3c2i", "content": "", "creation_timestamp": "2025-03-10T20:17:36.993450Z"}, {"uuid": "f81a2dcc-f70e-432a-aa33-954783e8702d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27608", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lluikvlyz22r", "content": "", "creation_timestamp": "2025-04-02T23:01:29.185489Z"}, {"uuid": "57a5fab6-e483-43de-92fe-525529b5d195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2760", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-203/", "content": "", "creation_timestamp": "2025-04-07T03:00:00.000000Z"}, {"uuid": "ba7ff09f-7452-4a1e-9788-7030b4905338", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27601", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:34.000000Z"}, {"uuid": "1bad667d-47ce-4073-9918-d02b02ebe198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27607", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-16T01:45:14.000000Z"}, {"uuid": "3f1526b6-59a9-4e9b-b8c0-e06b15c089af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27603", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-16T01:45:14.000000Z"}, {"uuid": "37b252ef-6f88-42e4-91a3-c74274156289", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27607", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-19T04:06:32.000000Z"}, {"uuid": "35f1009b-711d-4cc5-a554-7eb3225e81b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27607", "type": "seen", "source": "https://t.me/cvedetector/19838", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27607 - Python JSON Logger Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27607 \nPublished : March 7, 2025, 5:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the name open to being claimed by a third party. If the package was claimed, it would allow them RCE on any Python JSON Logger user who installed the development dependencies on Python 3.13 (e.g. pip install python-json-logger[dev]). This issue has been resolved with 3.3.0. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-07T20:47:50.000000Z"}, {"uuid": "d14d6988-2fb5-4f96-bb34-6d5986dd0592", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27603", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-19T04:06:36.000000Z"}, {"uuid": "76240bf8-ad4f-402c-b2d6-23d860ea4bd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27609", "type": "seen", "source": "https://t.me/cvedetector/21214", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27609 - Icinga Web 2 Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-27609 \nPublished : March 26, 2025, 5:15 p.m. | 1\u00a0hour, 31\u00a0minutes ago \nDescription : Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a request that, once transmitted to a victim's Icinga Web, allows to embed arbitrary Javascript into it and to act on behalf of that user. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. As a workaround, those who have Icinga Web 2.12.2 may enable a content security policy in the application settings. Any modern browser with a working CORS implementation also sufficiently guards against the vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T20:35:03.000000Z"}, {"uuid": "e05374de-4f7b-4fa5-87e6-f565d393e153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27604", "type": "seen", "source": "https://t.me/cvedetector/19839", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27604 - XWiki Confluence Migrator Pro Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27604 \nPublished : March 7, 2025, 5:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. The homepage of the application is public which enables a guest to download the package which might contain sensitive information. This vulnerability is fixed in 1.11.7. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-07T20:47:51.000000Z"}, {"uuid": "4a2d41f9-18e0-4642-a401-a6c04a6ee31e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27603", "type": "seen", "source": "https://t.me/cvedetector/19829", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27603 - XWiki Confluence Migrator Pro Stored Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-27603 \nPublished : March 7, 2025, 4:15 p.m. | 58\u00a0minutes ago \nDescription : XWiki Confluence Migrator Pro helps admins to import confluence packages into their XWiki instance. A user that doesn't have programming rights can execute arbitrary code due to an unescaped translation when creating a page using the Migration Page template. This vulnerability is fixed in 1.2.0. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-07T18:17:16.000000Z"}, {"uuid": "ddd0ceb8-2105-414a-9430-905ee3fa6ae1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27600", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6736", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27600\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N)\n\ud83d\udd39 Description: FastGPT is a knowledge-based platform built on the LLMs. Since the web crawling plug-in does not perform intranet IP verification, an attacker can initiate an intranet IP request, causing the system to initiate a request through the intranet and potentially obtain some private data on the intranet. This issue is fixed in 4.9.0.\n\ud83d\udccf Published: 2025-03-06T19:05:59.684Z\n\ud83d\udccf Modified: 2025-03-06T19:05:59.684Z\n\ud83d\udd17 References:\n1. https://github.com/labring/FastGPT/security/advisories/GHSA-vc67-62v5-8cwx", "creation_timestamp": "2025-03-06T19:38:22.000000Z"}, {"uuid": "292eb404-e3a1-4668-b304-c65bc9c5f006", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27607", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6850", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27607\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing dependency. This occurred because msgspec-python313-pre was deleted by the owner leaving the name open to being claimed by a third party. If the package was claimed, it would allow them RCE on any Python JSON Logger user who installed the development dependencies on Python 3.13 (e.g. pip install python-json-logger[dev]). This issue has been resolved with 3.3.0.\n\ud83d\udccf Published: 2025-03-07T16:18:13.789Z\n\ud83d\udccf Modified: 2025-03-07T16:18:13.789Z\n\ud83d\udd17 References:\n1. https://github.com/nhairs/python-json-logger/security/advisories/GHSA-wmxh-pxcx-9w24\n2. https://github.com/nhairs/python-json-logger/commit/2548e3a2e3cedf6bef3ee7c60c55b7c02d1af11a\n3. https://github.com/nhairs/python-json-logger/commit/e7761e56edb980cfab0165e32469d5fd017a5d72", "creation_timestamp": "2025-03-07T16:35:20.000000Z"}, {"uuid": "a7ceb0db-5941-4960-adf0-0c16aa2d93bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27608", "type": "seen", "source": "https://t.me/cvedetector/21920", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27608 - Arduino IDE Theia Framework Electron Self Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-27608 \nPublished : April 2, 2025, 10:15 p.m. | 20\u00a0minutes ago \nDescription : Arduino IDE 2.x is an IDE based on the Theia IDE framework and built with Electron. A Self Cross-Site Scripting (XSS) vulnerability has been identified within the Arduino-IDE prior to version v2.3.5. The vulnerability occurs in the Additional Board Manager URLs field, which can be found in the Preferences -> Settings section of the Arduino IDE interface. In the vulnerable versions, any values entered in this field are directly displayed to the user through a notification tooltip object, without a proper output encoding routine, due to the underlying ElectronJS engine interpretation. This vulnerability exposes the input parameter to Self-XSS attacks, which may lead to security risks depending on where the malicious payload is injected. This vulnerability is fixed in 2.3.5. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T01:01:26.000000Z"}, {"uuid": "3289df73-990b-426c-ba7a-3529f59cb28b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27609", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8896", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27609\n\ud83d\udd25 CVSS Score: 1.1 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U)\n\ud83d\udd39 Description: Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a request that, once transmitted to a victim's Icinga Web, allows to embed arbitrary Javascript into it and to act on behalf of that user. This issue has been resolved in versions 2.11.5 and 2.12.3 of Icinga Web 2. As a workaround, those who have Icinga Web 2.12.2 may enable a content security policy in the application settings. Any modern browser with a working CORS implementation also sufficiently guards against the vulnerability.\n\ud83d\udccf Published: 2025-03-26T16:10:19.223Z\n\ud83d\udccf Modified: 2025-03-26T16:10:19.223Z\n\ud83d\udd17 References:\n1. https://github.com/Icinga/icingaweb2/security/advisories/GHSA-5cjw-fwjc-8j38\n2. https://github.com/Icinga/icingaweb2/releases/tag/v2.11.5\n3. https://github.com/Icinga/icingaweb2/releases/tag/v2.12.3", "creation_timestamp": "2025-03-26T16:25:33.000000Z"}, {"uuid": "b8885890-6c2c-4753-8a1f-e16e58b8da18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27608", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10145", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27608\n\ud83d\udd25 CVSS Score: 1 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U)\n\ud83d\udd39 Description: Arduino IDE 2.x is an IDE based on the Theia IDE framework and built with Electron. A Self Cross-Site Scripting (XSS) vulnerability has been identified within the Arduino-IDE prior to version v2.3.5. The vulnerability occurs in the Additional Board Manager URLs field, which can be found in the Preferences -> Settings section of the Arduino IDE interface. In the vulnerable versions, any values entered in this field are directly displayed to the user through a notification tooltip object, without a proper output encoding routine, due to the underlying ElectronJS engine interpretation. This vulnerability exposes the input parameter to Self-XSS attacks, which may lead to security risks depending on where the malicious payload is injected. This vulnerability is fixed in 2.3.5.\n\ud83d\udccf Published: 2025-04-02T21:09:16.943Z\n\ud83d\udccf Modified: 2025-04-02T21:09:16.943Z\n\ud83d\udd17 References:\n1. https://github.com/arduino/arduino-ide/security/advisories/GHSA-252h-4j5q-88pc\n2. https://github.com/arduino/arduino-ide/commit/d298b3ffc94008e89066cd999d891e84190da18f", "creation_timestamp": "2025-04-02T21:34:15.000000Z"}, {"uuid": "d3bf42c3-b33c-40ed-a0cf-d9547269be20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27607", "type": "seen", "source": "https://t.me/CyberBulletin/2556", "content": "\u26a1Popular Python Logging Library Vulnerable to Remote Code Execution (CVE-2025-27607).\n\n#CyberBulletin", "creation_timestamp": "2025-03-10T14:46:20.000000Z"}, {"uuid": "a0b0b98c-24c7-46d3-8a31-37768d56fdf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27606", "type": "seen", "source": "https://t.me/cvedetector/20309", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27606 - Element Android PIN Guessing Vulnerability (Physical)\", \n  \"Content\": \"CVE ID : CVE-2025-27606 \nPublished : March 14, 2025, 5:15 p.m. | 19\u00a0minutes ago \nDescription : Element Android is an Android Matrix Client provided by Element. Element Android up to version 1.6.32 can, under certain circumstances, fail to logout the user if they input the wrong PIN more than the configured amount of times. An attacker with physical access to a device can exploit this to guess the PIN. Version 1.6.34 solves the issue. \nSeverity: 5.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T19:13:04.000000Z"}, {"uuid": "b03aef62-03b7-4f60-aa55-2843e72a8eef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27600", "type": "seen", "source": "https://t.me/cvedetector/19735", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27600 - FastGPT Intranet IP Request Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27600 \nPublished : March 6, 2025, 7:15 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : FastGPT is a knowledge-based platform built on the LLMs. Since the web crawling plug-in does not perform intranet IP verification, an attacker can initiate an intranet IP request, causing the system to initiate a request through the intranet and potentially obtain some private data on the intranet. This issue is fixed in 4.9.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-06T22:12:20.000000Z"}, {"uuid": "39ca3cbd-0d4e-41ca-9c05-214ca29540c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27607", "type": "published-proof-of-concept", "source": "Telegram/pg7kvtgf18i2NSpY74T8eUGfUmlZbISb88s-xMWif3Xt7vA", "content": "", "creation_timestamp": "2025-03-14T16:00:08.000000Z"}, {"uuid": "91d19102-9974-4fad-bb7c-51f0d0d70bfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27603", "type": "seen", "source": "Telegram/wgAqaoKVoE2XgO5PoMSlAzGUJXoRr9Arwpep4wOUCR5Oorl5", "content": "", "creation_timestamp": "2025-03-08T04:35:51.000000Z"}, {"uuid": "e9d20616-82c9-43d3-8cbb-5e7d36ef0eb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27604", "type": "seen", "source": "Telegram/MKyyCJNfVvpUH0P_EmhW7az9OPnbIUC-jF-3Mo1io2kFbkQ", "content": "", "creation_timestamp": "2025-03-07T18:01:34.000000Z"}, {"uuid": "91a998e1-7101-43da-86ae-116715ae25b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27603", "type": "seen", "source": "Telegram/MKyyCJNfVvpUH0P_EmhW7az9OPnbIUC-jF-3Mo1io2kFbkQ", "content": "", "creation_timestamp": "2025-03-07T18:01:34.000000Z"}, {"uuid": "2acce465-21cb-467c-abfb-c529b40b14d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27607", "type": "seen", "source": "Telegram/MKyyCJNfVvpUH0P_EmhW7az9OPnbIUC-jF-3Mo1io2kFbkQ", "content": "", "creation_timestamp": "2025-03-07T18:01:34.000000Z"}]}