{"vulnerability": "cve-2025-0868", "sightings": [{"uuid": "e16f076e-7aa9-4bde-9fcb-a1fa3ddb8647", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lj4blay6ei2v", "content": "", "creation_timestamp": "2025-02-26T21:02:04.553869Z"}, {"uuid": "30d8a73a-edb7-4c51-b84f-8d0bff52c88f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-0868.yaml", "content": "", "creation_timestamp": "2025-02-25T10:34:07.000000Z"}, {"uuid": "d8973018-c48d-4af1-ba50-982c1b06a866", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-21)", "content": "", "creation_timestamp": "2025-06-21T00:00:00.000000Z"}, {"uuid": "f86b0a9d-1f68-4c28-b16c-4454de5d41d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3limlaauq6h2y", "content": "", "creation_timestamp": "2025-02-20T15:12:13.846824Z"}, {"uuid": "664ae8ba-737d-472b-8fb4-3597918e594c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-20)", "content": "", "creation_timestamp": "2025-06-20T00:00:00.000000Z"}, {"uuid": "07b667d5-2a76-4376-8221-71449bcb7634", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmifnen7dv27", "content": "", "creation_timestamp": "2025-04-10T21:02:23.415461Z"}, {"uuid": "0a1d37cf-3ed5-4e7e-8c97-07332bc67405", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lrbs3rwsp32u", "content": "", "creation_timestamp": "2025-06-10T21:02:35.992847Z"}, {"uuid": "c21963f9-31b2-42d6-b16a-e216123c5c47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-24)", "content": "", "creation_timestamp": "2025-06-24T00:00:00.000000Z"}, {"uuid": "641244d0-6324-4e4f-9ba6-cc0c123d0571", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "exploited", "source": "https://www.exploit-db.com/exploits/52145", "content": "", "creation_timestamp": "2025-04-09T00:00:00.000000Z"}, {"uuid": "f7e5f7a4-3c1f-4502-b605-09d210b0c5d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-10)", "content": "", "creation_timestamp": "2025-12-10T00:00:00.000000Z"}, {"uuid": "d7d8ce36-31e6-4293-b011-a2b57204bdc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-22)", "content": "", "creation_timestamp": "2026-03-22T00:00:00.000000Z"}, {"uuid": "2e12e3a3-1d42-479a-9061-2d4d3fb473d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-13)", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "5ac48aac-c76d-478b-81c6-ab4e4bec4aa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/28156", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aThe first publicly available exploit demonstration for CVE-2025-0868, to the best of my knowledge.\nURL\uff1ahttps://github.com/shreyas-malhotra/PoC_CVE-2025-0868\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-31T22:02:03.000000Z"}, {"uuid": "50d9d494-a027-48be-b2e7-1ca48776278a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/3362", "content": "#exploit\n1. CCleaner LPE Vulnerability on macOS\nhttps://blog.quarkslab.com/ccleaner_lpe_macos.html\n\n2. CVE-2025-0868:\nArbitrary Command Injection in DocsGPT\nhttps://github.com/shreyas-malhotra/PoC_CVE-2025-0868\n\n3. CVE-2025-30208:\nVite Arbitrary File Read vulnerability\nhttps://github.com/jackieya/CVE-2025-30208", "creation_timestamp": "2025-04-01T06:29:39.000000Z"}, {"uuid": "ee2105fa-a41f-4dc9-93f8-685df09670aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "published-proof-of-concept", "source": "Telegram/L244JoNw57CRJMWCPi_ZRxUkTJoBnlOlWfCWqfHHeiICTHY", "content": "", "creation_timestamp": "2025-04-01T05:00:07.000000Z"}, {"uuid": "20cdef93-8eca-4695-b85e-e8ac0811e49c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "seen", "source": "https://t.me/cvedetector/18542", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-0868 - DocsGPT JSON Code Injection RCE\", \n  \"Content\": \"CVE ID : CVE-2025-0868 \nPublished : Feb. 20, 2025, 12:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : A vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint.  \n  \nThis issue affects DocsGPT: from 0.8.1 through 0.12.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T14:49:35.000000Z"}, {"uuid": "ada98775-42a6-4bb3-9ad1-61f818d9182f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/8445", "content": "#exploit\n1. CCleaner LPE Vulnerability on macOS\nhttps://blog.quarkslab.com/ccleaner_lpe_macos.html\n\n2. CVE-2025-0868:\nArbitrary Command Injection in DocsGPT\nhttps://github.com/shreyas-malhotra/PoC_CVE-2025-0868\n\n3. CVE-2025-30208:\nVite Arbitrary File Read vulnerability\nhttps://github.com/jackieya/CVE-2025-30208", "creation_timestamp": "2025-04-01T06:29:39.000000Z"}, {"uuid": "36ceb971-c150-423c-8864-9b4042fbbd5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "seen", "source": "Telegram/YcLyfgjxS8wFVsXueB-Fpx0MMnYTtaDaq1jL96EujmeZ3VmW", "content": "", "creation_timestamp": "2025-02-20T23:26:54.000000Z"}, {"uuid": "12189705-a2f9-4285-8d5b-d28b6cff66ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11994", "content": "#exploit\n1. CCleaner LPE Vulnerability on macOS\nhttps://blog.quarkslab.com/ccleaner_lpe_macos.html\n\n2. CVE-2025-0868:\nArbitrary Command Injection in DocsGPT\nhttps://github.com/shreyas-malhotra/PoC_CVE-2025-0868\n\n3. CVE-2025-30208:\nVite Arbitrary File Read vulnerability\nhttps://github.com/jackieya/CVE-2025-30208", "creation_timestamp": "2025-04-01T18:10:02.000000Z"}, {"uuid": "22acd270-b870-4293-945d-4f77f2523429", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0868", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d64f03aa-d527-4e2f-8a4f-c9edac0423e8", "content": "", "creation_timestamp": "2026-06-19T12:46:08.622874Z"}]}