https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-06-05T07:10:13.821214+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/3a11465b-e126-49ad-bf03-b9ddde39b356/export3a11465b-e126-49ad-bf03-b9ddde39b3562026-06-05T07:10:14.445857+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "3a11465b-e126-49ad-bf03-b9ddde39b356", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25860", "type": "seen", "source": "https://t.me/cibsecurity/56953", "content": "\u203c CVE-2022-25860 \u203c\n\nVersions of the package simple-git before 3.16.0 are vulnerable to Remote Code Execution (RCE) via the clone(), pull(), push() and listRemote() methods, due to improper input sanitization. This vulnerability exists due to an incomplete fix of [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-27T00:34:06.000000Z"}2023-01-27T00:34:06+00:00https://vulnerability.circl.lu/sighting/da46f9ab-35aa-4983-abbf-9bc3fb49ef23/exportda46f9ab-35aa-4983-abbf-9bc3fb49ef232026-06-05T07:10:14.445733+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "da46f9ab-35aa-4983-abbf-9bc3fb49ef23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25860", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9917", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-25860\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P)\n\ud83d\udd39 Description: Versions of the package simple-git before 3.16.0 are vulnerable to Remote Code Execution (RCE) via the clone(), pull(), push() and listRemote() methods, due to improper input sanitization.This vulnerability exists due to an incomplete fix of [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221).\n\ud83d\udccf Published: 2023-01-24T05:00:02.399Z\n\ud83d\udccf Modified: 2025-04-01T15:29:18.377Z\n\ud83d\udd17 References:\n1. https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3177391\n2. https://github.com/steveukx/git-js/pull/881/commits/95459310e5b8f96e20bb77ef1a6559036b779e13\n3. https://github.com/steveukx/git-js/commit/ec97a39ab60b89e870c5170121cd9c1603cc1951", "creation_timestamp": "2025-04-01T15:32:31.000000Z"}2025-04-01T15:32:31+00:00https://vulnerability.circl.lu/sighting/e10497fa-87ad-4538-bc8c-869d5a5e5e35/exporte10497fa-87ad-4538-bc8c-869d5a5e5e352026-06-05T07:10:14.443899+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "e10497fa-87ad-4538-bc8c-869d5a5e5e35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25860", "type": "published-proof-of-concept", "source": "Telegram/61DYlWTca6IkcT_FpN2RYBtwr9MKXFEKysLP63-1xRoUERI", "content": "", "creation_timestamp": "2026-04-13T19:19:04.000000Z"}2026-04-13T19:19:04+00:00