{"vulnerability": "CVE-2025-3021", "sightings": [{"uuid": "3b7d5000-793b-4033-9dec-862e5f881909", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30212", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll7xdowq6l26", "content": "", "creation_timestamp": "2025-03-25T18:59:51.863681Z"}, {"uuid": "20046446-ec03-4e4e-a459-74f498c27c08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30219", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llalqxstrh2l", "content": "", "creation_timestamp": "2025-03-26T01:05:15.816000Z"}, {"uuid": "8ca3263d-9446-4c88-9220-fe0f6fa43108", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30214", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll7xdp7xpn2j", "content": "", "creation_timestamp": "2025-03-25T18:59:52.643465Z"}, {"uuid": "0eea3c30-5b84-415d-862c-57447b9d3b46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30216", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lla4xenrw42v", "content": "", "creation_timestamp": "2025-03-25T20:40:22.311218Z"}, {"uuid": "3be1afec-ccbb-49d1-95bc-47e21f7250e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30213", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll7xdpjzy52j", "content": "", "creation_timestamp": "2025-03-25T18:59:54.506396Z"}, {"uuid": "b9843a2e-4e18-45f3-8ad7-0d3d82ff7a70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30216", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lla6dgqizm26", "content": "", "creation_timestamp": "2025-03-25T21:05:01.460799Z"}, {"uuid": "291de43c-fab4-47c2-945a-781e2d72901d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30215", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lmdfwoy3tt2z", "content": "", "creation_timestamp": "2025-04-08T21:24:12.558555Z"}, {"uuid": "9ecf7f68-adac-4006-b633-a6845e9e8b40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30218", "type": "seen", "source": "https://bsky.app/profile/feedbot.unronritaro.net/post/3lltyj64efo2d", "content": "", "creation_timestamp": "2025-04-02T18:14:04.701829Z"}, {"uuid": "365d7d2c-a39f-4e7b-a5f4-50755e581f4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30218", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114270672120502866", "content": "", "creation_timestamp": "2025-04-02T22:14:42.954633Z"}, {"uuid": "0f7ec2e4-1345-4717-9f5b-2fd94df1bac0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30218", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114270672120502866", "content": "", "creation_timestamp": "2025-04-02T22:14:42.963084Z"}, {"uuid": "e65287cd-d110-4c2c-a453-3f9016f6f4f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30218", "type": "seen", "source": 
"https://bsky.app/profile/cve.skyfleet.blue/post/3lluikvzlgw2h", "content": "", "creation_timestamp": "2025-04-02T23:01:31.697097Z"}, {"uuid": "020a58e3-e5f8-444d-b263-c0fe4140b666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-30218", "type": "seen", "source": "https://bsky.app/profile/azu.bsky.social/post/3llutwttpqh2u", "content": "", "creation_timestamp": "2025-04-03T02:24:54.084272Z"}, {"uuid": "4be1865c-37fe-420d-9588-6ebfb2418337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-30218", "type": "seen", "source": "https://bsky.app/profile/rss.y-u-e.workers.dev/post/3llvjzhfedw2s", "content": "", "creation_timestamp": "2025-04-03T09:00:04.984194Z"}, {"uuid": "9472ab36-4150-4c94-963f-11a3a1adf351", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30215", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmy4zsrbkk2l", "content": "", "creation_timestamp": "2025-04-17T03:10:48.537984Z"}, {"uuid": "4ca6ba43-84a6-42b7-a497-7abed9108062", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30215", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmvkzr3nzp2h", "content": "", "creation_timestamp": "2025-04-16T02:43:20.846599Z"}, {"uuid": "41c6e4ad-543f-45b2-8757-a69bf512c4e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30215", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114345358059475694", "content": "", "creation_timestamp": "2025-04-16T02:48:19.661328Z"}, {"uuid": 
"ae518810-1472-4741-a835-0608d7f0e41c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30216", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:58.000000Z"}, {"uuid": "717222f5-334b-4ca1-a29c-81cb13867b24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30219", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lp5vtsz26s2t", "content": "", "creation_timestamp": "2025-05-14T21:08:35.335597Z"}, {"uuid": "8c67a736-ce0d-4850-b696-91430c622bfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30219", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lp5xqz67g22t", "content": "", "creation_timestamp": "2025-05-14T21:42:47.629968Z"}, {"uuid": "8043645e-9b22-46ab-8c25-9f24f2e1a481", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30215", "type": "seen", "source": "https://bsky.app/profile/checkmarxzero.bsky.social/post/3lmzyj3soj22o", "content": "", "creation_timestamp": "2025-04-17T20:55:12.454223Z"}, {"uuid": "eb39ef40-2ff3-44dc-bc25-04433ca39645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3021", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:44.000000Z"}, {"uuid": "f9263899-5e95-4144-9060-57553b00fa13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2025-3021", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:56.000000Z"}, {"uuid": "62bbbe3d-3e5d-4b64-8207-ead9bfbafa1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30216", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:44.000000Z"}, {"uuid": "b5aef926-496f-4887-8b37-b298b4714b4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30219", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mdakyxumy22a", "content": "", "creation_timestamp": "2026-01-25T10:56:29.132536Z"}, {"uuid": "b0857bbc-1eb1-42db-a905-84eea209a44f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30219", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mdapvifyzk2a", "content": "", "creation_timestamp": "2026-01-25T12:24:01.150928Z"}, {"uuid": "7b353d6e-5606-4096-bca4-88ad89ab516d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30214", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8689", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30214\n\ud83d\udd25 CVSS Score: 8 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U)\n\ud83d\udd39 Description: Frappe is a full-stack web application framework. 
Prior to versions 14.89.0 and 15.51.0, making crafted requests could lead to information disclosure that could further lead to account takeover. Versions 14.89.0 and 15.51.0 fix the issue. There's no workaround to fix this without upgrading.\n\ud83d\udccf Published: 2025-03-25T15:05:42.656Z\n\ud83d\udccf Modified: 2025-03-25T15:05:42.656Z\n\ud83d\udd17 References:\n1. https://github.com/frappe/frappe/security/advisories/GHSA-qrv3-jc3h-f3m6", "creation_timestamp": "2025-03-25T15:24:11.000000Z"}, {"uuid": "e4c7ec75-7834-42db-84c9-1ff5d8dde758", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30217", "type": "seen", "source": "https://t.me/cvedetector/21212", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30217 - Frappe SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30217 \nPublished : March 26, 2025, 5:15 p.m. | 1\u00a0hour, 31\u00a0minutes ago \nDescription : Frappe is a full-stack web application framework. Prior to versions 14.93.2 and 15.55.0, a SQL Injection vulnerability has been identified in Frappe Framework which could allow a malicious actor to access sensitive information. Versions 14.93.2 and 15.55.0 contain a patch for the issue. No known workarounds are available. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T20:35:02.000000Z"}, {"uuid": "42fb144d-a67b-4ad0-a6df-ff0b3ab528c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30217", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8883", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30217\n\ud83d\udd25 CVSS Score: 4.6 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U)\n\ud83d\udd39 Description: Frappe is a full-stack web application framework. Prior to versions 14.93.2 and 15.55.0, a SQL Injection vulnerability has been identified in Frappe Framework which could allow a malicious actor to access sensitive information. Versions 14.93.2 and 15.55.0 contain a patch for the issue. No known workarounds are available.\n\ud83d\udccf Published: 2025-03-26T16:18:31.638Z\n\ud83d\udccf Modified: 2025-03-26T16:18:31.638Z\n\ud83d\udd17 References:\n1. 
https://github.com/frappe/frappe/security/advisories/GHSA-6phg-4wmq-h5h3", "creation_timestamp": "2025-03-26T16:25:15.000000Z"}, {"uuid": "8b6d7a72-c7f9-47df-bbaf-b3618dc88925", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30213", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8690", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30213\n\ud83d\udd25 CVSS Score: 6.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U)\n\ud83d\udd39 Description: Frappe is a full-stack web application framework. Prior to versions 14.91.0 and 15.52.0, a system user was able to create certain documents in a specific way that could lead to remote code execution. Versions 14.91.0 and 15.52.0 contain a patch for the vulnerability. There's no workaround; an upgrade is required.\n\ud83d\udccf Published: 2025-03-25T14:55:04.949Z\n\ud83d\udccf Modified: 2025-03-25T15:04:26.512Z\n\ud83d\udd17 References:\n1. https://github.com/frappe/frappe/security/advisories/GHSA-v342-4xr9-x3q3", "creation_timestamp": "2025-03-25T15:24:11.000000Z"}, {"uuid": "b3f2d7d1-273a-44a3-882c-738f9db92f77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30211", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9379", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30211\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. 
Implementation does not verify RFC specified limits on algorithm names (64 characters) provided in KEX init message. Big KEX init packet may lead to inefficient processing of the error data. As a result, large amount of memory will be allocated for processing malicious data. Versions OTP-27.3.1, OTP-26.2.5.10, and OTP-25.3.2.19 fix the issue. Some workarounds are available. One may set option `parallel_login` to `false` and/or reduce the `max_sessions` option.\n\ud83d\udccf Published: 2025-03-28T14:55:47.778Z\n\ud83d\udccf Modified: 2025-03-28T15:10:37.128Z\n\ud83d\udd17 References:\n1. https://github.com/erlang/otp/security/advisories/GHSA-vvr3-fjhh-cfwc", "creation_timestamp": "2025-03-28T15:28:54.000000Z"}, {"uuid": "be1a4f13-c7cd-4a2a-b80d-d3a27723a537", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3021", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9625", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3021\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Path Traversal vulnerability in e-solutions e-management. This vulnerability could allow an attacker to access confidential files outside the expected scope via the \u2018file\u2019 parameter in the /downloadReport.php endpoint.\n\ud83d\udccf Published: 2025-03-31T10:12:45.843Z\n\ud83d\udccf Modified: 2025-03-31T10:12:45.843Z\n\ud83d\udd17 References:\n1. 
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-e-management-e-solutions", "creation_timestamp": "2025-03-31T10:30:32.000000Z"}, {"uuid": "a07dfc81-6222-449b-ac7e-874061886b88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30215", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11979", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30215\n\ud83d\udd25 CVSS Score: 9.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H)\n\ud83d\udd39 Description: NATS-Server is a High-Performance server for NATS.io, the cloud and edge native messaging system. In versions starting from 2.2.0 but prior to 2.10.27 and 2.11.1, the management of JetStream assets happens with messages in the $JS. subject namespace in the system account; this is partially exposed into regular accounts to allow account holders to manage their assets. Some of the JS API requests were missing access controls, allowing any user with JS management permissions in any account to perform certain administrative actions on any JS asset in any other account. At least one of the unprotected APIs allows for data destruction. None of the affected APIs allow disclosing stream contents. This vulnerability is fixed in v2.11.1 or v2.10.27.\n\ud83d\udccf Published: 2025-04-15T23:25:43.143Z\n\ud83d\udccf Modified: 2025-04-16T00:12:20.161Z\n\ud83d\udd17 References:\n1. https://github.com/nats-io/nats-server/security/advisories/GHSA-fhg8-qxh5-7q3w\n2. 
https://advisories.nats.io/CVE/secnote-2025-01.txt", "creation_timestamp": "2025-04-16T00:55:19.000000Z"}, {"uuid": "9679331a-1da7-4a36-bdf8-c93fbc59fd7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30210", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9911", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30210\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H)\n\ud83d\udd39 Description: Bruno is an open source IDE for exploring and testing APIs. Prior to 1.39.1, the custom tool-tip components which internally use react-tooltip were setting the content (in this case the Environment name) as raw HTML which then gets injected into DOM on hover. This, combined with loose Content Security Policy restrictions, allowed any valid HTML text containing inline script to get executed on hovering over the respective Environment's name. This vulnerability's attack surface is limited strictly to scenarios where users import collections from untrusted or malicious sources. The exploit requires deliberate action from the user\u2014specifically, downloading and opening an externally provided malicious Bruno or Postman collection export and the user hovers on the environment name. This vulnerability is fixed in 1.39.1.\n\ud83d\udccf Published: 2025-04-01T14:16:57.897Z\n\ud83d\udccf Modified: 2025-04-01T14:16:57.897Z\n\ud83d\udd17 References:\n1. 
https://github.com/usebruno/bruno/security/advisories/GHSA-fqxc-cxph-9vq8", "creation_timestamp": "2025-04-01T14:33:12.000000Z"}, {"uuid": "4f6eef14-9d59-4478-a4d1-b707b496f46b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30218", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10140", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30218\n\ud83d\udd25 CVSS Score: 1.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U)\n\ud83d\udd39 Description: Next.js is a React framework for building full-stack web applications. To mitigate CVE-2025-29927, Next.js validated the x-middleware-subrequest-id which persisted across multiple incoming requests. However, this subrequest ID is sent to all requests, even if the destination is not the same host as the Next.js application. Initiating a fetch request to a third-party within Middleware will send the x-middleware-subrequest-id to that third party. This vulnerability is fixed in 12.3.6, 13.5.10, 14.2.26, and 15.2.4.\n\ud83d\udccf Published: 2025-04-02T21:23:14.660Z\n\ud83d\udccf Modified: 2025-04-02T21:23:14.660Z\n\ud83d\udd17 References:\n1. https://github.com/vercel/next.js/security/advisories/GHSA-223j-4rm8-mrmf\n2. 
https://vercel.com/changelog/cve-2025-30218-5DREmEH765PoeAsrNNQj3O", "creation_timestamp": "2025-04-02T21:34:07.000000Z"}, {"uuid": "aa8f37fc-8cb0-4310-9da2-a521fbcc2762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30215", "type": "seen", "source": "https://t.me/cvedetector/23036", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30215 - NATS-Server JetStream Administrative Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30215 \nPublished : April 16, 2025, 12:15 a.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : NATS-Server is a High-Performance server for NATS.io, the cloud and edge native messaging system. In versions starting from 2.2.0 but prior to 2.10.27 and 2.11.1, the management of JetStream assets happens with messages in the $JS. subject namespace in the system account; this is partially exposed into regular accounts to allow account holders to manage their assets. Some of the JS API requests were missing access controls, allowing any user with JS management permissions in any account to perform certain administrative actions on any JS asset in any other account. At least one of the unprotected APIs allows for data destruction. None of the affected APIs allow disclosing stream contents. This vulnerability is fixed in v2.11.1 or v2.10.27. 
\nSeverity: 9.6 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T03:29:28.000000Z"}, {"uuid": "b48f2513-35a6-4327-a9b5-6317e72905d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30211", "type": "seen", "source": "https://t.me/cvedetector/21437", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30211 - Erlang/OTP KEX Init Message Memory Exhaustion (Denial of Service)\", \n  \"Content\": \"CVE ID : CVE-2025-30211 \nPublished : March 28, 2025, 3:15 p.m. | 1\u00a0hour, 17\u00a0minutes ago \nDescription : Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. Implementation does not verify RFC specified limits on algorithm names (64 characters) provided in KEX init message. Big KEX init packet may lead to inefficient processing of the error data. As a result, large amount of memory will be allocated for processing malicious data. Versions OTP-27.3.1, OTP-26.2.5.10, and OTP-25.3.2.19 fix the issue. Some workarounds are available. One may set option `parallel_login` to `false` and/or reduce the `max_sessions` option. 
\nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-28T17:45:16.000000Z"}, {"uuid": "01f35e1d-0655-4590-bd4d-c386c914e97e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30213", "type": "seen", "source": "https://t.me/cvedetector/21100", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30213 - Frappe Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30213 \nPublished : March 25, 2025, 3:15 p.m. | 46\u00a0minutes ago \nDescription : Frappe is a full-stack web application framework. Prior to versions 14.91.0 and 15.52.0, a system user was able to create certain documents in a specific way that could lead to remote code execution. Versions 14.91.0 and 15.52.0 contain a patch for the vulnerability. There's no workaround; an upgrade is required. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T17:49:06.000000Z"}, {"uuid": "7dd81661-aae0-431a-a017-f5fa9440cadb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30219", "type": "seen", "source": "https://t.me/cvedetector/21139", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30219 - RabbitMQ Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30219 \nPublished : March 25, 2025, 11:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : RabbitMQ is a messaging and streaming broker. 
Versions prior to 4.0.3 are vulnerable to a sophisticated attack in which modifying a virtual host name on disk and then making it unrecoverable (with other on-disk file modifications) can lead to arbitrary JavaScript code execution in the browsers of management UI users. When a virtual host on a RabbitMQ node fails to start, recent versions will display an error message (a notification) in the management UI. The error message includes virtual host name, which was not escaped prior to open source RabbitMQ 4.0.3 and Tanzu RabbitMQ 4.0.3, 3.13.8. An attack that both makes a virtual host fail to start and creates a new virtual host name with an XSS code snippet or changes the name of an existing virtual host on disk could trigger arbitrary JavaScript code execution in the management UI (the user's browser). Open source RabbitMQ `4.0.3` and Tanzu RabbitMQ `4.0.3` and `3.13.8` patch the issue. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T02:11:09.000000Z"}, {"uuid": "c4d3b1d3-1935-4f26-8e28-e71469557572", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30216", "type": "seen", "source": "https://t.me/cvedetector/21137", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30216 - CryptoLib Heap Overflow\", \n  \"Content\": \"CVE ID : CVE-2025-30216 \nPublished : March 25, 2025, 8:15 p.m. | 2\u00a0hours, 5\u00a0minutes ago \nDescription : CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. 
In versions 1.3.3 and prior, a Heap Overflow vulnerability occurs in the `Crypto_TM_ProcessSecurity` function (`crypto_tm.c:1735:8`). When processing the Secondary Header Length of a TM protocol packet, if the Secondary Header Length exceeds the packet's total length, a heap overflow is triggered during the memcpy operation that copies packet data into the dynamically allocated buffer `p_new_dec_frame`. This allows an attacker to overwrite adjacent heap memory, potentially leading to arbitrary code execution or system instability. A patch is available at commit 810fd66d592c883125272fef123c3240db2f170f. \nSeverity: 9.4 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T23:40:54.000000Z"}, {"uuid": "0011e851-4749-4be4-b49f-eb2a1160e001", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30214", "type": "seen", "source": "https://t.me/cvedetector/21101", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30214 - Frappe Account Takeover Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30214 \nPublished : March 25, 2025, 3:15 p.m. | 46\u00a0minutes ago \nDescription : Frappe is a full-stack web application framework. Prior to versions 14.89.0 and 15.51.0, making crafted requests could lead to information disclosure that could further lead to account takeover. Versions 14.89.0 and 15.51.0 fix the issue. There's no workaround to fix this without upgrading. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T17:49:07.000000Z"}, {"uuid": "e1473bc3-4918-4f60-932d-667e98572c8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30218", "type": "seen", "source": "https://t.me/cvedetector/21921", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30218 - Next.js Cross-Origin Request Exposure\", \n  \"Content\": \"CVE ID : CVE-2025-30218 \nPublished : April 2, 2025, 10:15 p.m. | 20\u00a0minutes ago \nDescription : Next.js is a React framework for building full-stack web applications. To mitigate CVE-2025-29927, Next.js validated the x-middleware-subrequest-id which persisted across multiple incoming requests. However, this subrequest ID is sent to all requests, even if the destination is not the same host as the Next.js application. Initiating a fetch request to a third-party within Middleware will send the x-middleware-subrequest-id to that third party. This vulnerability is fixed in 12.3.6, 13.5.10, 14.2.26, and 15.2.4. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T01:01:29.000000Z"}, {"uuid": "79111929-edde-46c9-8e89-f1942892d680", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3021", "type": "seen", "source": "https://t.me/cvedetector/21589", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3021 - e-solutions e-management Path Traversal\", \n  \"Content\": \"CVE ID : CVE-2025-3021 \nPublished : March 31, 2025, 11:15 a.m. | 1\u00a0hour, 33\u00a0minutes ago \nDescription : Path Traversal vulnerability in e-solutions e-management. This vulnerability could allow an attacker to access confidential files outside the expected scope via the \u2018file\u2019 parameter in the /downloadReport.php endpoint. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T15:01:00.000000Z"}, {"uuid": "9c15ffb1-5c71-446c-8524-e1737780af9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30212", "type": "seen", "source": "https://t.me/cvedetector/21099", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30212 - Frappe Framework SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30212 \nPublished : March 25, 2025, 3:15 p.m. | 46\u00a0minutes ago \nDescription : Frappe is a full-stack web application framework. 
An SQL Injection vulnerability has been identified in Frappe Framework prior to versions 14.89.0 and 15.51.0 which could allow a malicious actor to access sensitive information. Versions 14.89.0 and 15.51.0 fix the issue. Upgrading is required; no other workaround is present. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T17:49:05.000000Z"}, {"uuid": "cb8d60db-59f2-4db9-b099-580093fc56a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30216", "type": "published-proof-of-concept", "source": "Telegram/vQ0Sm3TCgGLw115KTy13Xlz5wNa50qfz0GIGSnr52V26EMk", "content": "", "creation_timestamp": "2025-03-26T20:00:07.000000Z"}, {"uuid": "f9204ea4-75c2-4a31-b3ee-2aa8d4d0c41e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30214", "type": "published-proof-of-concept", "source": "Telegram/4yRTt9dy-kSa9hw9IvAX8xqiMQA60h8go96Ck2HC1in5CKw", "content": "", "creation_timestamp": "2025-03-25T17:30:48.000000Z"}]}