{"vulnerability": "CVE-2025-2976", "sightings": [{"uuid": "3d783127-62d9-4efd-8d36-50bd34b249e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29768", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114156493377607996", "content": "", "creation_timestamp": "2025-03-13T18:17:33.366022Z"}, {"uuid": "cad13fb0-7650-4a04-ab04-5274d8e06078", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29763", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo5cpoyxze2l", "content": "", "creation_timestamp": "2025-05-01T22:01:02.026519Z"}, {"uuid": "138fa6f6-7e6b-41b0-bdfd-0b7486315b4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2976", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:57.000000Z"}, {"uuid": "5bacfac3-cf24-4095-8f34-3f51b3409574", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2976", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:44.000000Z"}, {"uuid": "1d7edd08-32d4-473d-a3d7-45f4e77f20c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29768", "type": "seen", "source": "https://t.me/cvedetector/20240", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29768 - Vim Zip File Data Loss Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29768 \nPublished : March 13, 2025, 5:15 p.m. | 43\u00a0minutes ago \nDescription : Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198. \nSeverity: 4.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-13T19:48:18.000000Z"}, {"uuid": "4039904a-f2d8-4059-812b-d505974c5f87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29768", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14623", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29768\n\ud83d\udd25 CVSS Score: 4.4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim patch v9.1.1198.\n\ud83d\udccf Published: 2025-03-13T17:04:56.920Z\n\ud83d\udccf Modified: 2025-05-02T23:03:03.457Z\n\ud83d\udd17 References:\n1. https://github.com/vim/vim/security/advisories/GHSA-693p-m996-3rmf\n2. https://github.com/vim/vim/commit/f209dcd3defb95bae21b2740910e6aa7bb940531", "creation_timestamp": "2025-05-02T23:17:17.000000Z"}, {"uuid": "da051bff-8389-42c1-8904-8f13ca5bcb6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29766", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9758", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29766\n\ud83d\udd25 CVSS Score: 4.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap has missing CSRF protections on artifact submission & edition from the tracker view. An attacker could use this vulnerability to trick victims into submitting or editing artifacts or follow-up comments. The vulnerability is fixed in Tuleap Community Edition 16.5.99.1741784483 and Tuleap Enterprise Edition 16.5-3 and 16.4-8.\n\ud83d\udccf Published: 2025-03-31T15:38:00.273Z\n\ud83d\udccf Modified: 2025-03-31T18:36:27.728Z\n\ud83d\udd17 References:\n1. https://github.com/Enalean/tuleap/security/advisories/GHSA-6p9q-p2q4-3rqx\n2. https://github.com/Enalean/tuleap/commit/81f45330fdcc1329cc71eddf4d04b80c340b3b93\n3. https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=81f45330fdcc1329cc71eddf4d04b80c340b3b93\n4. https://tuleap.net/plugins/tracker/?aid=42208", "creation_timestamp": "2025-03-31T19:31:25.000000Z"}, {"uuid": "595b2c69-3766-4331-b8bc-404cbe38345e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29769", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10787", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29769\n\ud83d\udd25 CVSS Score: 8.5 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: libvips is a demand-driven, horizontally threaded image processing library.  The heifsave operation could incorrectly determine the presence of an alpha channel in an input when it was not possible to determine the colour interpretation, known internally within libvips as \"multiband\". There aren't many ways to create a \"multiband\" input, but it is possible with a well-crafted TIFF image. If a \"multiband\" TIFF input image had 4 channels and HEIF-based output was requested, this led to libvips creating a 3 channel HEIF image without an alpha channel but then attempting to write 4 channels of data. This caused a heap buffer overflow, which could crash the process. This vulnerability is fixed in 8.16.1.\n\ud83d\udccf Published: 2025-04-07T20:09:30.971Z\n\ud83d\udccf Modified: 2025-04-07T20:09:30.971Z\n\ud83d\udd17 References:\n1. https://github.com/libvips/libvips/security/advisories/GHSA-f8r8-43hh-rghm\n2. https://github.com/libvips/libvips/pull/4392\n3. https://github.com/libvips/libvips/pull/4394\n4. https://github.com/libvips/libvips/commit/9ab6784f693de50b00fa535b9efbbe9d2cbf71f2\n5. https://issues.oss-fuzz.com/issues/396460413", "creation_timestamp": "2025-04-07T20:46:19.000000Z"}, {"uuid": "8e3033af-90bf-4479-a65f-b958be40ed2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29769", "type": "seen", "source": "https://t.me/cvedetector/22341", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29769 - Libvips HEIF Alpha Channel Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2025-29769 \nPublished : April 7, 2025, 8:15 p.m. | 35\u00a0minutes ago \nDescription : libvips is a demand-driven, horizontally threaded image processing library.  The heifsave operation could incorrectly determine the presence of an alpha channel in an input when it was not possible to determine the colour interpretation, known internally within libvips as \"multiband\". There aren't many ways to create a \"multiband\" input, but it is possible with a well-crafted TIFF image. If a \"multiband\" TIFF input image had 4 channels and HEIF-based output was requested, this led to libvips creating a 3 channel HEIF image without an alpha channel but then attempting to write 4 channels of data. This caused a heap buffer overflow, which could crash the process. This vulnerability is fixed in 8.16.1. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-07T22:55:41.000000Z"}, {"uuid": "cf5c1d07-b43e-4f0a-95bd-2779aa5332be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29766", "type": "seen", "source": "https://t.me/cvedetector/21622", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29766 - Tuleap CSRF Insecure Artifact Submission and Editing\", \n  \"Content\": \"CVE ID : CVE-2025-29766 \nPublished : March 31, 2025, 4:15 p.m. | 48\u00a0minutes ago \nDescription : Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap has missing CSRF protections on artifact submission & edition from the tracker view. An attacker could use this vulnerability to trick victims into submitting or editing artifacts or follow-up comments. The vulnerability is fixed in Tuleap Community Edition 16.5.99.1741784483 and Tuleap Enterprise Edition 16.5-3 and 16.4-8. \nSeverity: 4.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T19:12:31.000000Z"}, {"uuid": "343c92e7-e598-4d83-98b8-f9fd7a0c71d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2976", "type": "seen", "source": "https://t.me/cvedetector/21556", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2976 - GFI KerioConnect Cross Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2976 \nPublished : March 31, 2025, 5:15 a.m. | 1\u00a0hour, 29\u00a0minutes ago \nDescription : A vulnerability was found in GFI KerioConnect 10.0.6. It has been classified as problematic. Affected is an unknown function of the component File Upload. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T09:09:17.000000Z"}, {"uuid": "9452602d-64a5-4e51-a3a2-75f16c2ba360", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29769", "type": "published-proof-of-concept", "source": "Telegram/3EfgoDCgsZV2jrDoMOtiTNQ-3vGb1DmoSDddJ2HOXGt5OW4", "content": "", "creation_timestamp": "2025-04-07T22:30:13.000000Z"}]}