{"vulnerability": "CVE-2025-3084", "sightings": [{"uuid": "ab7f7f68-bb4b-4877-ac05-d0e87de8f4cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30849", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114261603718070713", "content": "", "creation_timestamp": "2025-04-01T07:48:29.735731Z"}, {"uuid": "f9d1b7d6-9467-4812-a911-552e1d245bff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30849", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114261603718070713", "content": "", "creation_timestamp": "2025-04-01T07:48:29.734355Z"}, {"uuid": "45dfc0f2-d06c-4fe6-a69f-22df125134c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3084", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lluiyzj2ms2x", "content": "", "creation_timestamp": "2025-04-02T23:09:18.301164Z"}, {"uuid": "c358ba98-2f94-457b-afa7-ee1091ceb793", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3084", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9870", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3084\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: When run on commands with certain arguments set, explain may fail to validate these arguments before using them. This can lead to crashes in router servers. This affects MongoDB Server v5.0 prior to 5.0.31, MongoDB Server v6.0 prior to 6.0.20, MongoDB Server v7.0 prior to 7.0.16 and MongoDB Server v8.0 prior to 8.0.4\n\ud83d\udccf Published: 2025-04-01T11:14:19.784Z\n\ud83d\udccf Modified: 2025-04-01T11:14:19.784Z\n\ud83d\udd17 References:\n1. https://jira.mongodb.org/browse/SERVER-103153", "creation_timestamp": "2025-04-01T11:34:28.000000Z"}, {"uuid": "55d751d2-049a-431f-91d3-9e3b59219fb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30841", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114265378913716121", "content": "", "creation_timestamp": "2025-04-01T23:48:34.695272Z"}, {"uuid": "b589d0c3-3691-4816-b69e-842e9d5439ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30841", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llrtlbmgqw2m", "content": "", "creation_timestamp": "2025-04-01T21:40:27.211447Z"}, {"uuid": "79154d3f-b261-4de3-83d5-f50b091900ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30841", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114265378913716121", "content": "", "creation_timestamp": "2025-04-01T23:48:34.696578Z"}, {"uuid": "2f3ffa47-5a73-4234-95ea-bfb5c4417cb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30849", "type": "published-proof-of-concept", "source": "Telegram/KTve-ylqtLiLjqXZhMB9xyx1YNgyBl72T9B20ArtsU9PWWM", "content": "", "creation_timestamp": "2026-04-01T21:29:22.000000Z"}, {"uuid": "83da6f7c-e855-43cb-ba9a-5dde7dee56a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3084", "type": "seen", "source": "https://t.me/cvedetector/21747", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3084 - MongoDB Server Argument Validation Buffer Crash\", \n  \"Content\": \"CVE ID : CVE-2025-3084 \nPublished : April 1, 2025, 12:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : When run on commands with certain arguments set, explain may fail to validate these arguments before using them. This can lead to crashes in router servers. This affects MongoDB Server v5.0 prior to 5.0.31, MongoDB Server v6.0 prior to 6.0.20, MongoDB Server v7.0 prior to 7.0.16 and MongoDB Server v8.0 prior to 8.0.4 \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T16:23:12.000000Z"}, {"uuid": "70819139-58c7-4ba7-b84d-69dde836ee21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30841", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10085", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30841\n\ud83d\udd25 CVSS Score: 9.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in adamskaat Countdown & Clock allows Remote Code Inclusion. This issue affects Countdown & Clock: from n/a through 2.8.8.\n\ud83d\udccf Published: 2025-04-01T20:58:07.179Z\n\ud83d\udccf Modified: 2025-04-02T14:21:31.572Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/countdown-builder/vulnerability/wordpress-countdown-clock-plugin-2-8-8-remote-code-execution-rce-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-02T14:34:05.000000Z"}, {"uuid": "e2c0ba53-5e78-4597-b7f9-80dd2de5b0b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30844", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10060", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30844\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Watu Quiz allows Reflected XSS. This issue affects Watu Quiz: from n/a through 3.4.2.\n\ud83d\udccf Published: 2025-04-01T20:58:07.310Z\n\ud83d\udccf Modified: 2025-04-02T13:28:26.375Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/watu/vulnerability/wordpress-watu-quiz-plugin-3-4-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-02T13:33:28.000000Z"}, {"uuid": "60d93058-201a-4506-902e-1c2c4d266320", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30849", "type": "seen", "source": "https://t.me/cvedetector/21735", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30849 - \"G5theme Essential Real Estate PHP Remote File Inclusion Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-30849 \nPublished : April 1, 2025, 6:15 a.m. | 1\u00a0hour, 5\u00a0minutes ago \nDescription : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Essential Real Estate allows PHP Local File Inclusion. This issue affects Essential Real Estate: from n/a through 5.2.0. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T09:26:57.000000Z"}]}