{"vulnerability": "CVE-2025-23016", "sightings": [{"uuid": "2cc7f861-9ce2-44b2-9fb5-c0ba3e81419d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lr6n27e7ny2p", "content": "", "creation_timestamp": "2025-06-09T14:54:06.631971Z"}, {"uuid": "4f533d40-f739-4175-8bf0-4b1f067c0e07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lolkr53qds2p", "content": "", "creation_timestamp": "2025-05-07T14:02:19.944754Z"}, {"uuid": "70ef58ea-f726-430e-a919-79e0ada691f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-23016", "type": "seen", "source": "https://bsky.app/profile/raptor.infosec.exchange.ap.brid.gy/post/3lwjpf4dfrdf2", "content": "", "creation_timestamp": "2025-08-16T15:41:48.244518Z"}, {"uuid": "0a272b09-8c8c-4d17-b4f9-8219b3715c6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13163", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23016\n\ud83d\udd25 CVSS Score: 9.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.\n\ud83d\udccf Published: 2025-01-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-23T23:26:53.495Z\n\ud83d\udd17 References:\n1. https://github.com/FastCGI-Archives/fcgi2/issues/67\n2. https://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.5\n3. https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library", "creation_timestamp": "2025-04-24T00:05:20.000000Z"}, {"uuid": "b1c53527-30b8-4927-88ec-9670b1a0a696", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113804137387647777", "content": "", "creation_timestamp": "2025-01-10T12:48:48.022250Z"}, {"uuid": "f0e15f58-45be-4c0e-8763-9fa662da963e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113804446450136560", "content": "", "creation_timestamp": "2025-01-10T14:07:23.345626Z"}, {"uuid": "5fdb3f0a-55e7-4b88-a966-57b4fce8bb3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lnj35heh4i2m", "content": "", "creation_timestamp": "2025-04-23T20:52:18.459972Z"}, {"uuid": "9adce346-e7e2-40d6-96cb-79db4b352e56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lntm7znodi2w", "content": "", "creation_timestamp": "2025-04-28T01:24:36.614876Z"}, {"uuid": "e8fda669-fd60-4e6d-8742-1a8b874ad777", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3lnuh4b2b6k26", "content": "", "creation_timestamp": "2025-04-28T09:25:42.065045Z"}, {"uuid": "ae484415-90f3-4285-88a7-a3791292b6ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-23016", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lnuiqhcnss2r", "content": "", "creation_timestamp": "2025-04-28T09:54:51.679546Z"}, {"uuid": "41412c72-8da5-44a7-b684-634e52c51bdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16683", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-40907\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library.\n\nThe included FastCGI library is affected by  CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.\n\ud83d\udccf Published: 2025-05-16T13:03:02.774Z\n\ud83d\udccf Modified: 2025-05-16T13:03:02.774Z\n\ud83d\udd17 References:\n1. http://www.openwall.com/lists/oss-security/2025/04/23/4\n2. https://github.com/FastCGI-Archives/fcgi2/issues/67\n3. https://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.5\n4. https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library\n5. https://github.com/perl-catalyst/FCGI/issues/14\n6. https://patch-diff.githubusercontent.com/raw/FastCGI-Archives/fcgi2/pull/74.patch", "creation_timestamp": "2025-05-16T13:35:47.000000Z"}, {"uuid": "495d2080-0c52-4e62-b930-e48ea4c8145c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113803899211529752", "content": "", "creation_timestamp": "2025-01-10T11:48:12.959742Z"}, {"uuid": "33cf4bf7-dad1-4f02-97ac-c646c34cf3c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lff6bir7s62m", "content": "", "creation_timestamp": "2025-01-10T12:16:03.389054Z"}, {"uuid": "d8f12ecf-5249-4d95-9fe3-a245e8b63144", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lff7k5nxjn2q", "content": "", "creation_timestamp": "2025-01-10T12:38:47.585232Z"}, {"uuid": "bf4d9239-245e-4c04-98e4-b15152f74dec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lff7k5y4at2k", "content": "", "creation_timestamp": "2025-01-10T12:38:48.298395Z"}, {"uuid": "48ac378e-7814-498c-86bf-99608f2e2858", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114517901515427046", "content": "", "creation_timestamp": "2025-05-16T14:08:23.831171Z"}, {"uuid": "c4b5c569-11f4-4c77-8cd2-ef3e83708b91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3lnulf2jwyj2m", "content": "", "creation_timestamp": "2025-04-28T10:42:10.747006Z"}, {"uuid": "752b96e2-dcd2-4ecf-a399-2f7e5697f194", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1125", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23016\n\ud83d\udd39 Description: FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.\n\ud83d\udccf Published: 2025-01-10T00:00:00\n\ud83d\udccf Modified: 2025-01-10T11:47:49.477Z\n\ud83d\udd17 References:\n1. https://github.com/FastCGI-Archives/fcgi2/issues/67", "creation_timestamp": "2025-01-10T12:04:54.000000Z"}, {"uuid": "c604fe1b-143a-4f0f-8ba6-e05597d4a94c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23016", "type": "seen", "source": "https://t.me/cvedetector/14952", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23016 - FastCGI fcgi2 Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2025-23016 \nPublished : Jan. 10, 2025, 12:15 p.m. | 26\u00a0minutes ago \nDescription : FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c. \nSeverity: 9.3 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-10T13:50:02.000000Z"}]}