CVE-2026-25860

creationtimestamp| type| source ---|---|--- 2026-06-05 17:00:04+00:00| seen| https://t.me/GithubRedTeam/87464 2026-06-05 19:00:11+00:00| published-proof-of-concept| Telegram/vT4GraR1tGy8kb2p0gDblUF32yKb9Lm75V4SoCKaucAr0 2026-06-05 21:00:04+00:00| published-proof-of-concept|...

1508-cli (>=1.0.4 <=1.0.6), 3extensions (=1.0.1) +4910 more potentially affected by CVE-2022-25860 +1 more via simple-git (>=0.10.0 <=3.31.1)

simple-git NPM version =0.10.0, =1.0.4, =1.0.0, =0.0.80, =1.0.0, =2.0.0, =0.0.0, =0.0.1, =0.0.1, =0.0.5, =0.0.5, =0.0.5, =0.0.5, =0.1.16 and more Source cves: CVE-2022-25860, CVE-2026-28291 Source advisory: OSV:GHSA-JCXM-M3JX-F287...

3extensions (=1.0.1), @51jbs/incremental-coverage-plugin (=1.0.5) +508 more potentially affected by CVE-2022-25860 +1 more via simple-git (>=3.0.3 <=3.31.1)

simple-git NPM version =3.0.3, =1.0.1, =1.0.1, =0.0.0-ad-beta.1, =0.0.0-aj-beta.3, =23.0.0, =35.0.0, =1.4.0, =0.1.5-alpha.0, =1.0.2, =8.7.2, =0.0.1, =0.0.8 and more Source cves: CVE-2022-25860, CVE-2026-28291 Source advisory: SNYK:JS-SIMPLEGIT-16032290...

Linux Distros Unpatched Vulnerability : CVE-2020-25860

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The install.c module in the Pengutronix RAUC update client prior to version 1.5 has a Time-of-Check Time- of-Use vulnerability, where signature verification on ...

CVE-2020-25860

The install.c module in the Pengutronix RAUC update client prior to version 1.5 has a Time-of-Check Time-of-Use vulnerability, where signature verification on an update file takes place before the file is reopened for installation. An attacker who can modify the update file just before it is...

PT-2025-19818 · Crates.Io · Totally-Safe

totally-safe provides unsound APIs that exploit a soundness bug in rustc: https://github.com/rust-lang/rust/issues/25860...

Security Bulletin: IBM Storage Ceph is vulnerable to OS Command Injection in Grafana (CVE-2022-25912, CVE-2022-25860, CVE-2022-25908)

Summary Simple Git is used by IBM Storage Ceph in Grafana for Metrics. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Ceph. CVE-2022-25912, CVE-2022-25860, CVE-2022-25908. Vulnerability Details CVEID:CVE-2022-25912 DESCRIPTION: Node.js simple-git module cou...

Adobe Illustrator < 27.3.1 Multiple Vulnerabilities (APSB23-19) (macOS)

The version of Adobe Illustrator installed on the remote macOS host is prior to 27.3.1. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB23-19 advisory. - Illustrator version 26.5.2 and earlier and 27.2.0 and earlier are affected by a Use After Free vulnerability th...

CVE-2023-25860

creationtimestamp| type| source ---|---|--- 2023-03-22 19:36:03+00:00| seen| https://t.me/cibsecurity/60500...

CVE-2023-25860

Illustrator version 26.5.2 and earlier and 27.2.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-25860 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Illustrator version 26.5.2 and earlier and 27.2.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Adobe Illustrator < 27.3.1 Multiple Vulnerabilities (APSB23-19)

The version of Adobe Illustrator installed on the remote Windows host is prior to 27.3.1. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB23-19 advisory. - Illustrator version 26.5.2 and earlier and 27.2.0 and earlier are affected by a Use After Free vulnerability...

CVE-2022-25860

creationtimestamp| type| source ---|---|--- 2023-01-27 00:34:06+00:00| seen| https://t.me/cibsecurity/56953 2025-04-01 15:32:31+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9917 2026-04-13 19:19:04+00:00| published-proof-of-concept|...

1508-cli (>=1.0.4 <=1.0.6), 40banner (>=1.0.0 <=1.1.2) +4528 more potentially affected by CVE-2022-25860 via simple-git (>=0.10.0 <=3.15.1)

simple-git NPM version =0.10.0, =1.0.4, =1.0.0, =0.0.80, =1.0.0, =2.0.0, =0.0.0, =0.0.1, =0.0.1, =0.0.5, =0.0.5, =0.0.5, =0.0.5, =0.0.5, =0.1.16 and more Source cves: CVE-2022-25860 Source advisory: OSV:GHSA-9W5J-4MWV-2WJ8...

CVE-2022-25860

Versions of the package simple-git before 3.16.0 are vulnerable to Remote Code Execution RCE via the clone, pull, push and listRemote methods, due to improper input sanitization. This vulnerability exists due to an incomplete fix of CVE-2022-25912...

CVE-2022-25860

The CVE-2022-25860 entry concerns the simple-git package. Versions before 3.16.0 are vulnerable to Remote Code Execution via clone(), pull(), push(), and listRemote() due to improper input sanitization, tied to an incomplete fix of CVE-2022-25912. CERT/OSV/NVD/IBM/Red Hat references confirm the i...

@51jbs/incremental-coverage-plugin (=1.0.5), @51jbs/spec-plugin (=2.0.0) +98 more potentially affected by CVE-2022-25860 +1 more via simple-git (>=3.0.3 <=3.15.1)

simple-git NPM version =3.0.3, =0.0.0-ad-beta.1, =0.0.0-aj-beta.3, =5.26.6, =14.24.1, =2.0.0, =0.0.64, =1.0.1-beta.0, =2.2.0, =2.3.2 and more Source cves: CVE-2022-25860, CVE-2022-25912 Source advisory: SNYK:JS-SIMPLEGIT-3177391...

CVE-2020-25860

creationtimestamp| type| source ---|---|--- 2020-12-28 23:39:06+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2348...

CVE-2020-25860

The install.c module in the Pengutronix RAUC update client prior to version 1.5 has a Time-of-Check Time-of-Use vulnerability, where signature verification on an update file takes place before the file is reopened for installation. An attacker who can modify the update file just before it is...

CVE-2020-25860

The CVE-2020-25860 issue affects the Pengutronix RAUC update client, specifically the install.c module in versions prior to 1.5. The vulnerability is a Time-of-Check Time-of-Use flaw where signature verification on an update file occurs before reopening it for installation. An attacker who can mo...