GHSA-74V4-F3X9-PPVR

creationtimestamp| type| source ---|---|--- 2025-07-15 21:28:51+00:00| seen| Telegram/la-69G5ZUDwSUqsMSPSEPIz2QDSk9VHKXznNo-B6B-DPKMw...

Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub

Cybersecurity researchers have discovered a serious security issue that allows leaked Laravel APPKEYs to be weaponized to gain remote code execution capabilities on hundreds of applications. "Laravel's APPKEY, essential for encrypting sensitive data, is often leaked publicly e.g., on GitHub,"...

GHSA-QJMQ-H3CC-QV6W

creationtimestamp| type| source ---|---|--- 2025-07-10 20:18:47+00:00| seen| Telegram/pXxe8XI9mTW8yWY1Nl3-04J6wo96nS-LpCGFCKzO-5Tgl0 2025-07-10 20:18:48+00:00| seen| Telegram/Pg251So2l8iDRxAy6wiLQWBAZc72ZtkVSL5WWSapRXHyJ7Q...

GHSA-PMF9-2RC3-VVXX

creationtimestamp| type| source ---|---|--- 2025-06-27 15:53:20+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19742...

GHSA-XH32-CX6C-CP4V

creationtimestamp| type| source ---|---|--- 2025-06-24 04:48:48+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19308...

GHSA-2CH5-GQJM-8P92

creationtimestamp| type| source ---|---|--- 2025-06-24 03:34:31+00:00| seen| Telegram/61p3TvgIcQeITUHd25WC7uXKnalG822tf2zquntb02gfO4o 2025-06-24 03:48:15+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19300...

GHSA-9VX8-V79M-6M24

creationtimestamp| type| source ---|---|--- 2025-06-23 20:32:26+00:00| published-proof-of-concept| Telegram/O2eh7gLrpcZbONgN5-OX68m3ZbpQKWlr4HE62LMc1M7414 2025-07-01 05:10:45+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/20007...

GHSA-6QHV-4H7R-2G9M

creationtimestamp| type| source ---|---|--- 2025-06-21 02:03:08+00:00| seen| Telegram/VYISubODK9o2EhmMQtV1Poo-UEd9SUXrb4Hppof0xM5PUw 2025-06-21 03:25:30+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19100...

GHSA-52P5-5FMW-9HRF

creationtimestamp| type| source ---|---|--- 2025-06-19 04:41:30+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18839 2025-06-19 05:01:47+00:00| published-proof-of-concept| Telegram/46ceI5nsxcRHJRwxF0BC6VxuGD8BgaFNIkSgqW-NagPBDfM...

GHSA-48P4-8XCF-VXJ5

creationtimestamp| type| source ---|---|--- 2025-06-19 02:40:18+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18833...

GHSA-6CC8-C3C9-3RGR

creationtimestamp| type| source ---|---|--- 2025-06-16 20:31:30+00:00| published-proof-of-concept| Telegram/Z-E45SeLQmulAiMNJbdsp5CiTjOWjFSQdsTMSo28OTtfoQ 2025-06-16 20:37:05+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18524...

GHSA-3Q5Q-QMRM-RVWX

creationtimestamp| type| source ---|---|--- 2025-06-09 13:02:03+00:00| published-proof-of-concept| Telegram/AvRPE1FYyApk1Jln3Af0piOZ09oDjaUbhCE1oirCL83hBqc...

GHSA-7QJ6-JXFC-XW4V

creationtimestamp| type| source ---|---|--- 2025-05-23 15:44:32+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17407...

CVE-2023-43662

ShokoServer is a media server which specializes in organizing anime. In affected versions the /api/Image/WithPath endpoint is accessible without authentication and is supposed to return default server images. The endpoint accepts the parameter serverImagePath, which is not sanitized in any way...

CVE-2023-41899

Home assistant is an open source home automation. In affected versions the hassio.addonstdin is vulnerable to a partial Server-Side Request Forgery where an attacker capable of calling this service e.g.: through GHSA-h2jp-7grc-9xpp may be able to invoke any Supervisor REST API endpoints with a PO...

CVE-2021-43862

jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...

CVE-2021-32783

Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy container. This can be used to shut down Envoy...

GHSA-CXFP-7PVR-95FF

creationtimestamp| type| source ---|---|--- 2025-05-21 17:43:13+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17158...

GHSA-44FP-W29J-9VJ5

creationtimestamp| type| source ---|---|--- 2025-05-19 19:39:12+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16918...

GHSA-9XHX-P3C5-P4V6

creationtimestamp| type| source ---|---|--- 2025-05-15 16:35:28+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16533...