https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 17 Jun 2026 19:37:14 +0000 https://vulnerability.circl.lu/sighting/b8fe9453-c163-47c3-80e5-1d75b0263799/export {"uuid": "b8fe9453-c163-47c3-80e5-1d75b0263799", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27518", "type": "seen", "source": "https://t.me/cvedetector/19830", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-27518 - TrueFoundry Cognita CORS Misconfiguration\", \n \"Content\": \"CVE ID : CVE-2025-27518 \nPublished : March 7, 2025, 4:15 p.m. | 58\u00a0minutes ago \nDescription : Cognita is a RAG (Retrieval Augmented Generation) Framework for building modular, open source applications for production by TrueFoundry. An insecure CORS configuration in the Cognita backend server allows arbitrary websites to send cross site requests to the application. This vulnerability is fixed in commit 75079c3d3cf376381489b9a82ee46c69024e1a15. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"07 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-07T18:17:17.000000Z"} {"uuid": "b8fe9453-c163-47c3-80e5-1d75b0263799", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27518", "type": "seen", "source": "https://t.me/cvedetector/19830", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-27518 - TrueFoundry Cognita CORS Misconfiguration\", \n \"Content\": \"CVE ID : CVE-2025-27518 \nPublished : March 7, 2025, 4:15 p.m. | 58\u00a0minutes ago \nDescription : Cognita is a RAG (Retrieval Augmented Generation) Framework for building modular, open source applications for production by TrueFoundry. An insecure CORS configuration in the Cognita backend server allows arbitrary websites to send cross site requests to the application. This vulnerability is fixed in commit 75079c3d3cf376381489b9a82ee46c69024e1a15. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"07 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-07T18:17:17.000000Z"} https://vulnerability.circl.lu/sighting/b8fe9453-c163-47c3-80e5-1d75b0263799/export Fri, 07 Mar 2025 18:17:17 +0000 https://vulnerability.circl.lu/sighting/3978e09a-0efe-4076-bd3b-3fc09bac4541/export {"uuid": "3978e09a-0efe-4076-bd3b-3fc09bac4541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27518", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6900", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27518\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N)\n\ud83d\udd39 Description: Cognita is a RAG (Retrieval Augmented Generation) Framework for building modular, open source applications for production by TrueFoundry. An insecure CORS configuration in the Cognita backend server allows arbitrary websites to send cross site requests to the application. This vulnerability is fixed in commit 75079c3d3cf376381489b9a82ee46c69024e1a15.\n\ud83d\udccf Published: 2025-03-07T15:36:48.366Z\n\ud83d\udccf Modified: 2025-03-07T21:49:40.505Z\n\ud83d\udd17 References:\n1. https://securitylab.github.com/advisories/GHSL-2024-193_GHSL-2024-194_Cognita/\n2. https://github.com/truefoundry/cognita/pull/424\n3. https://github.com/truefoundry/cognita/commit/75079c3d3cf376381489b9a82ee46c69024e1a15", "creation_timestamp": "2025-03-07T22:35:48.000000Z"} {"uuid": "3978e09a-0efe-4076-bd3b-3fc09bac4541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27518", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6900", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27518\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N)\n\ud83d\udd39 Description: Cognita is a RAG (Retrieval Augmented Generation) Framework for building modular, open source applications for production by TrueFoundry. An insecure CORS configuration in the Cognita backend server allows arbitrary websites to send cross site requests to the application. This vulnerability is fixed in commit 75079c3d3cf376381489b9a82ee46c69024e1a15.\n\ud83d\udccf Published: 2025-03-07T15:36:48.366Z\n\ud83d\udccf Modified: 2025-03-07T21:49:40.505Z\n\ud83d\udd17 References:\n1. https://securitylab.github.com/advisories/GHSL-2024-193_GHSL-2024-194_Cognita/\n2. https://github.com/truefoundry/cognita/pull/424\n3. https://github.com/truefoundry/cognita/commit/75079c3d3cf376381489b9a82ee46c69024e1a15", "creation_timestamp": "2025-03-07T22:35:48.000000Z"} https://vulnerability.circl.lu/sighting/3978e09a-0efe-4076-bd3b-3fc09bac4541/export Fri, 07 Mar 2025 22:35:48 +0000 https://vulnerability.circl.lu/sighting/d2d1f42d-216a-46c7-a091-f262256286d2/export {"uuid": "d2d1f42d-216a-46c7-a091-f262256286d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27518", "type": "seen", "source": "Telegram/6dZxXuLv-IgV5giZ8ai7Br2Q-GAO7pWWAKqj-9hZGh35uxQ0", "content": "", "creation_timestamp": "2025-03-08T04:35:51.000000Z"} {"uuid": "d2d1f42d-216a-46c7-a091-f262256286d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27518", "type": "seen", "source": "Telegram/6dZxXuLv-IgV5giZ8ai7Br2Q-GAO7pWWAKqj-9hZGh35uxQ0", "content": "", "creation_timestamp": "2025-03-08T04:35:51.000000Z"} https://vulnerability.circl.lu/sighting/d2d1f42d-216a-46c7-a091-f262256286d2/export Sat, 08 Mar 2025 04:35:51 +0000