{"vulnerability": "CVE-2025-2304", "sightings": [{"uuid": "87acdf7c-35e1-4831-bf68-7663179bd9d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23042", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lftcbfiosh23", "content": "", "creation_timestamp": "2025-01-16T03:04:53.632377Z"}, {"uuid": "ff499dbc-d41b-4b72-bdf9-e9cc83594280", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23042", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lftit3bnrk2f", "content": "", "creation_timestamp": "2025-01-16T05:02:10.694595Z"}, {"uuid": "08d173c6-48de-42f4-bcef-6b09830ce2ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23044", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113861471440807384", "content": "", "creation_timestamp": "2025-01-20T15:49:35.533104Z"}, {"uuid": "186c39bd-0896-49aa-839d-52f697ee11be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23044", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg6qdnvj762s", "content": "", "creation_timestamp": "2025-01-20T16:15:56.650364Z"}, {"uuid": "9a7e57a6-e0f9-4464-9ae5-996d31dc4782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23044", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lg6sigkigb2k", "content": "", "creation_timestamp": "2025-01-20T16:54:25.374183Z"}, {"uuid": "676b0cdc-92b4-4f50-97b0-ed955c652387", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23040", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lgqcvwv2hn2u", "content": "", "creation_timestamp": "2025-01-27T16:03:32.820252Z"}, {"uuid": "41e116b3-e839-4f83-890f-e143709288c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23045", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgsu42tcvz2f", "content": "", "creation_timestamp": "2025-01-28T16:16:32.113360Z"}, {"uuid": "78629195-c757-448c-a1f1-ff52f20f5652", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2304", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lkdqechp2b2a", "content": "", "creation_timestamp": "2025-03-14T13:40:23.725152Z"}, {"uuid": "1c382816-ae49-426a-a2d4-512304837fe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23049", "type": "seen", "source": "https://bsky.app/profile/crowdcyber.bsky.social/post/3m2fmwstvqs26", "content": "", "creation_timestamp": "2025-10-04T22:27:35.414853Z"}, {"uuid": "cd067159-2170-4208-854d-0fd43239b191", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23049", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3m23ilsv24n25", "content": "", "creation_timestamp": "2025-09-30T21:43:14.447870Z"}, {"uuid": "abf9559d-0a17-494e-ac95-12b6953e3fd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23045", "type": "seen", "source": "MISP/d0bda5d9-8cbc-4c6c-8803-a5e3150f9ec2", "content": "", "creation_timestamp": "2025-09-01T19:03:02.000000Z"}, {"uuid": "23813570-4bd8-47c1-a7ac-d28c907fb88e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23048", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1761", "content": "", "creation_timestamp": "2026-02-12T04:00:00.000000Z"}, {"uuid": "2f0629d0-7008-4d32-8549-52f833ae703d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23048", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1763", "content": "", "creation_timestamp": "2026-02-13T04:00:00.000000Z"}, {"uuid": "570e7086-170b-4b5c-b44f-221cbff8eb0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23041", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1577", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23041\n\ud83d\udd39 Description: Umbraco.Forms is a web form framework written for the nuget ecosystem. Character limits configured by editors for short and long answer fields are validated only client-side, not server-side. This issue has been patched in versions 8.13.16, 10.5.7, 13.2.2, and 14.1.2. Users are advised to upgrade. There are no known workarounds for this issue.\n\ud83d\udccf Published: 2025-01-14T18:54:45.430Z\n\ud83d\udccf Modified: 2025-01-14T18:54:45.430Z\n\ud83d\udd17 References:\n1. https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-9v8m-qv22-f268", "creation_timestamp": "2025-01-14T19:10:25.000000Z"}, {"uuid": "69ac986a-b6d9-40b2-b17f-f4d77c076d1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23042", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1584", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23042\n\ud83d\udd39 Description: Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or directory path. This vulnerability arises due to the lack of case normalization in the file path validation logic. On case-insensitive file systems, such as those used by Windows and macOS, this flaw enables attackers to circumvent security restrictions and access sensitive files that should be protected. This issue can lead to unauthorized data access, exposing sensitive information and undermining the integrity of Gradio's security model. Given Gradio's popularity for building web applications, particularly in machine learning and AI, this vulnerability may pose a substantial threat if exploited in production environments. This issue has been addressed in release version 5.6.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\ud83d\udccf Published: 2025-01-14T18:49:16.329Z\n\ud83d\udccf Modified: 2025-01-14T18:49:16.329Z\n\ud83d\udd17 References:\n1. https://github.com/gradio-app/gradio/security/advisories/GHSA-j2jg-fq62-7c3h", "creation_timestamp": "2025-01-14T19:11:01.000000Z"}, {"uuid": "4e43870c-17e0-47bd-ac55-0006960e2405", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23044", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2366", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23044\n\ud83d\udd39 Description: PwnDoc is a penetration test report generator. There is no CSRF protection in pwndoc, allowing attackers to send requests on a logged-in user's behalf. This includes GET and POST requests due to the missing SameSite= attribute on cookies and the ability to refresh cookies. Commit 14acb704891245bf1703ce6296d62112e85aa995 patches the issue.\n\ud83d\udccf Published: 2025-01-20T15:43:23.882Z\n\ud83d\udccf Modified: 2025-01-20T15:43:23.882Z\n\ud83d\udd17 References:\n1. https://github.com/pwndoc/pwndoc/security/advisories/GHSA-9v2v-jxvw-52rq\n2. https://github.com/pwndoc/pwndoc/commit/14acb704891245bf1703ce6296d62112e85aa995", "creation_timestamp": "2025-01-20T16:01:44.000000Z"}, {"uuid": "1a0ae0b9-e29b-4dea-972f-28e170e66136", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2304", "type": "published-proof-of-concept", "source": "Telegram/QWh54U4nMwQckAM9d9Q-FJNnfECO_NAP6OGvP6c5SSPdEWQ", "content": "", "creation_timestamp": "2026-04-24T23:00:15.000000Z"}, {"uuid": "98812b1d-a46a-4b4b-b412-254e94c7b3fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23049", "type": "published-proof-of-concept", "source": "Telegram/HXBqyCxgvMHLtEfnDSGBXVUAF1NVCNReOpP5SUo5lvs4FM4", "content": "", "creation_timestamp": "2025-06-23T12:01:46.000000Z"}, {"uuid": "93c12509-6f65-450e-902f-30a367a7e371", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23045", "type": "seen", "source": "https://t.me/cvedetector/16611", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23045 - CVAT Nuclio Function Code Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23045 \nPublished : Jan. 28, 2025, 4:15 p.m. | 1\u00a0hour, 18\u00a0minutes ago \nDescription : Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. An attacker with an account on an affected CVAT instance is able to run arbitrary code in the context of the Nuclio function container. This vulnerability affects CVAT deployments that run any of the serverless functions of type tracker from the CVAT Git repository, namely TransT and SiamMask. Deployments with custom functions of type tracker may also be affected, depending on how they handle state serialization. If a function uses an unsafe serialization library such as pickle or jsonpickle, it's likely to be vulnerable. Upgrade to CVAT 2.26.0 or later. If you are unable to upgrade, shut down any instances of the TransT or SiamMask functions you're running. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-28T18:47:23.000000Z"}, {"uuid": "c2d7fc7f-f776-470e-bd05-3236c7f6af6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23042", "type": "seen", "source": "https://t.me/cvedetector/15335", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23042 - Gradio Case-Insensitive Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23042 \nPublished : Jan. 14, 2025, 7:15 p.m. | 26\u00a0minutes ago \nDescription : Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Gradio's Access Control List (ACL) for file paths can be bypassed by altering the letter case of a blocked file or directory path. This vulnerability arises due to the lack of case normalization in the file path validation logic. On case-insensitive file systems, such as those used by Windows and macOS, this flaw enables attackers to circumvent security restrictions and access sensitive files that should be protected. This issue can lead to unauthorized data access, exposing sensitive information and undermining the integrity of Gradio's security model. Given Gradio's popularity for building web applications, particularly in machine learning and AI, this vulnerability may pose a substantial threat if exploited in production environments. This issue has been addressed in release version 5.6.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T20:42:07.000000Z"}, {"uuid": "13db4d72-e585-4b2d-832c-d3974c37d2a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23041", "type": "seen", "source": "https://t.me/cvedetector/15334", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23041 - Umbraco.Forms Client-Side Validation Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-23041 \nPublished : Jan. 14, 2025, 7:15 p.m. | 26\u00a0minutes ago \nDescription : Umbraco.Forms is a web form framework written for the nuget ecosystem. Character limits configured by editors for short and long answer fields are validated only client-side, not server-side. This issue has been patched in versions 8.13.16, 10.5.7, 13.2.2, and 14.1.2. Users are advised to upgrade. There are no known workarounds for this issue. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T20:42:07.000000Z"}, {"uuid": "6e826a6e-c7fe-4d79-af1c-da01b7a2f45b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23040", "type": "seen", "source": "https://t.me/cvedetector/15510", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23040 - GitHub Desktop: Git Credential Protocol Misinterpretation Due to Malicious Remote URL Schema\", \n  \"Content\": \"CVE ID : CVE-2025-23040 \nPublished : Jan. 15, 2025, 6:15 p.m. | 42\u00a0minutes ago \nDescription : GitHub Desktop is an open-source Electron-based GitHub app designed for git development. An attacker convincing a user to clone a repository directly or through a submodule can allow the attacker access to the user's credentials through the use of maliciously crafted remote URL. GitHub Desktop relies on Git to perform all network related operations (such as cloning, fetching, and pushing). When a user attempts to clone a repository GitHub Desktop will invoke `git clone` and when Git encounters a remote which requires authentication it will request the credentials for that remote host from GitHub Desktop using the git-credential protocol. Using a maliciously crafted URL it's possible to cause the credential request coming from Git to be misinterpreted by Github Desktop such that it will send credentials for a different host than the host that Git is currently communicating with thereby allowing for secret exfiltration. GitHub username and OAuth token, or credentials for other Git remote hosts stored in GitHub Desktop could be improperly transmitted to an unrelated host. Users should update to GitHub Desktop 3.4.12 or greater which fixes this vulnerability. Users who suspect they may be affected should revoke any relevant credentials. \nSeverity: 6.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-15T20:09:12.000000Z"}, {"uuid": "aefc0a7f-1450-4713-80a8-e957b37455a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2304", "type": "seen", "source": "Telegram/7JMoJAQEhPOIVteXEuNh9KSphNivDPm_BTKZ1UGMe2rmK8c", "content": "", "creation_timestamp": "2025-03-14T15:02:35.000000Z"}, {"uuid": "5323639d-dc63-4711-aeed-3287e787eb9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23040", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfsephv7rx2n", "content": "", "creation_timestamp": "2025-01-15T18:15:51.221349Z"}, {"uuid": "b99acc52-0fd9-4a3b-aebf-65ffd17b5d64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23040", "type": "seen", "source": "https://github.blog/open-source/git/git-security-vulnerabilities-announced-5/", "content": "", "creation_timestamp": "2025-01-14T17:04:36.000000Z"}, {"uuid": "f4a55954-7fa9-4f6e-827b-28ba0eb7c7ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23040", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lgsvanwiok2v", "content": "", "creation_timestamp": "2025-01-28T16:37:00.390836Z"}, {"uuid": "d9b85761-bf22-40f1-b49b-923ca804905b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23048", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/26", "content": "", "creation_timestamp": "2025-07-10T15:52:45.000000Z"}, {"uuid": "79d63c65-1c9a-42a6-849e-5e660e944f79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23048", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114830011674092966", "content": "", "creation_timestamp": "2025-07-10T17:02:07.590884Z"}, {"uuid": "433f9498-32dc-4ac9-8aac-7d3691c653e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23048", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ltmxj4ukzg2d", "content": "", "creation_timestamp": "2025-07-10T18:29:06.680819Z"}, {"uuid": "94c06c14-b400-4d39-9b28-13dbca3bb288", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23049", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3m24d7juogt2j", "content": "", "creation_timestamp": "2025-10-01T05:39:32.668798Z"}, {"uuid": "b15816fa-48c3-43ae-b3ee-bb04eb829770", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2304", "type": "seen", "source": "https://gist.github.com/Fakechippies/72b000bf560329a41f9f8c81236a07d3", "content": "", "creation_timestamp": "2026-02-05T18:22:19.000000Z"}, {"uuid": "f1e2e738-ca0d-417c-aebe-9c2a4c6327cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-23048", "type": "seen", "source": "https://gist.github.com/stanibaj/c568ae7bd5aee35ae501378f12e973ad", "content": "", "creation_timestamp": "2026-04-19T12:57:05.000000Z"}, {"uuid": "180b8b4a-b2f3-4af9-9e3b-7ef95a6d3869", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-23048", "type": "seen", "source": "https://gist.github.com/stanibaj/b9432d60d00ca372cc2cfc88f4bff31b", "content": "", "creation_timestamp": "2026-04-19T14:35:21.000000Z"}, {"uuid": "fc64c326-eb36-49c2-9c00-7030c22bb862", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-23048", "type": "seen", "source": "https://gist.github.com/stanibaj/0c272d06ca7cc073f1d673642e2e3e93", "content": "", "creation_timestamp": "2026-04-18T18:19:31.000000Z"}, {"uuid": "14ada46a-7351-4d78-a755-e848173ab62e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-23048", "type": "seen", "source": "https://gist.github.com/stanibaj/968e63fb6a027d6a3443f0de61b97279", "content": "", "creation_timestamp": "2026-04-19T09:35:40.000000Z"}, {"uuid": "9ad4c24d-246e-4080-a0b9-404c88d0281e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23048", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875", "content": "", "creation_timestamp": "2026-01-21T21:18:16.771453Z"}, {"uuid": "236d22f7-604a-43a6-bc05-0c5e75d38532", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23046", "type": "seen", "source": "https://t.me/cvedetector/18905", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23046 - GLPI OAuth Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-23046 \nPublished : Feb. 25, 2025, 6:15 p.m. | 1\u00a0hour, 46\u00a0minutes ago \nDescription : GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.18, if a \"Mail servers\" authentication provider is configured to use an Oauth connection provided by the OauthIMAP plugin, anyone can connect to GLPI using a user name on which an Oauth authorization has already been established. Version 10.0.18 contains a patch. As a workaround, one may disable any \"Mail servers\" authentication provider configured to use an Oauth connection provided by the OauthIMAP plugin. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-25T21:33:59.000000Z"}, {"uuid": "b410c15f-7507-48b3-a103-725a78bfe05b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23048", "type": "published-proof-of-concept", "source": "Telegram/TdGyPlotjZBHY9caFGPHDrfhM1u9N2kdVcipqf75AoDeXNo", "content": "", "creation_timestamp": "2025-10-22T09:00:04.000000Z"}, {"uuid": "2351831a-e854-4bb1-ad09-d37af413bc03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23040", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1812", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23040\n\ud83d\udd39 Description: GitHub Desktop is an open-source Electron-based GitHub app designed for git development. An attacker convincing a user to clone a repository directly or through a submodule can allow the attacker access to the user's credentials through the use of maliciously crafted remote URL. GitHub Desktop relies on Git to perform all network related operations (such as cloning, fetching, and pushing). When a user attempts to clone a repository GitHub Desktop will invoke `git clone` and when Git encounters a remote which requires authentication it will request the credentials for that remote host from GitHub Desktop using the git-credential protocol. Using a maliciously crafted URL it's possible to cause the credential request coming from Git to be misinterpreted by Github Desktop such that it will send credentials for a different host than the host that Git is currently communicating with thereby allowing for secret exfiltration. GitHub username and OAuth token, or credentials for other Git remote hosts stored in GitHub Desktop could be improperly transmitted to an unrelated host. Users should update to GitHub Desktop 3.4.12 or greater which fixes this vulnerability. Users who suspect they may be affected should revoke any relevant credentials.\n\ud83d\udccf Published: 2025-01-15T17:25:00.945Z\n\ud83d\udccf Modified: 2025-01-15T17:25:00.945Z\n\ud83d\udd17 References:\n1. https://github.com/desktop/desktop/security/advisories/GHSA-36mm-rh9q-cpqq\n2. https://docs.github.com/en/apps/using-github-apps/reviewing-and-revoking-authorization-of-github-apps\n3. https://git-scm.com/docs/git-credential", "creation_timestamp": "2025-01-15T17:54:47.000000Z"}, {"uuid": "c4b748a2-10c4-44c5-9928-264f0e4995c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23047", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2608", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23047\n\ud83d\udd39 Description: Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An insecure default `Access-Control-Allow-Origin` header value could lead to sensitive data exposure for users of Cilium versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4 who deploy Hubble UI using either Cilium CLI or via the Cilium Helm chart. A user with access to a Hubble UI instance affected by this issue could leak configuration details about the Kubernetes cluster which Hubble UI is monitoring, including node names, IP addresses, and other metadata about workloads and the cluster networking configuration. In order for this vulnerability to be exploited, a victim would have to first visit a malicious page. This issue is fixed in Cilium v1.14.18, v1.15.12, and v1.16.5. As a workaround, users who deploy Hubble UI using the Cilium Helm chart directly can remove the CORS headers from the Helm template as shown in the patch from commit a3489f190ba6e87b5336ee685fb6c80b1270d06d.\n\ud83d\udccf Published: 2025-01-22T17:20:09.715Z\n\ud83d\udccf Modified: 2025-01-22T17:20:09.715Z\n\ud83d\udd17 References:\n1. https://github.com/cilium/cilium/security/advisories/GHSA-h78m-j95m-5356\n2. https://github.com/cilium/cilium/commit/a3489f190ba6e87b5336ee685fb6c80b1270d06d", "creation_timestamp": "2025-01-22T18:02:40.000000Z"}, {"uuid": "4e5cd3e6-2979-413c-95e2-0f91b60853b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23046", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5342", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23046\n\ud83d\udd25 CVSS Score: 6.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.18, if a \"Mail servers\" authentication provider is configured to use an Oauth connection provided by the OauthIMAP plugin, anyone can connect to GLPI using a user name on which an Oauth authorization has already been established. Version 10.0.18 contains a patch. As a workaround, one may disable any \"Mail servers\" authentication provider configured to use an Oauth connection provided by the OauthIMAP plugin.\n\ud83d\udccf Published: 2025-02-25T17:48:17.801Z\n\ud83d\udccf Modified: 2025-02-25T17:48:17.801Z\n\ud83d\udd17 References:\n1. https://github.com/glpi-project/glpi/security/advisories/GHSA-vfxc-qg3v-j2r5\n2. https://github.com/glpi-project/glpi/releases/tag/10.0.18", "creation_timestamp": "2025-02-25T18:22:35.000000Z"}, {"uuid": "cf1203b9-51ce-4ce0-8d59-4c8350caa4bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23048", "type": "published-proof-of-concept", "source": "Telegram/zZq4LjCv3lg7SAnTEL8ri9PTbsoMxz2uCoiE6kbrXJdK8WQ", "content": "", "creation_timestamp": "2025-10-22T15:00:07.000000Z"}, {"uuid": "2e045d01-4245-48d9-bb07-7c435deda6d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2304", "type": "seen", "source": "https://t.me/cvedetector/20303", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2304 - Camaleon CMS Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2304 \nPublished : March 14, 2025, 1:15 p.m. | 2\u00a0hours, 15\u00a0minutes ago \nDescription : A Privilege Escalation through a Mass Assignment exists in Camaleon CMS  \n  \nWhen a user wishes to change his password, the 'updated_ajax' method of the UsersController is called. The vulnerability stems from the use of the dangerous permit!\u00a0method, which allows all parameters to pass through without any filtering. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T16:42:37.000000Z"}, {"uuid": "64ab4874-722a-4507-b10e-796e8b8d98d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23047", "type": "seen", "source": "https://t.me/cvedetector/16135", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23047 - \"Cilium Origin Header Cross-Site Resource Information Leakage\"\", \n  \"Content\": \"CVE ID : CVE-2025-23047 \nPublished : Jan. 22, 2025, 6:15 p.m. | 27\u00a0minutes ago \nDescription : Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An insecure default `Access-Control-Allow-Origin` header value could lead to sensitive data exposure for users of Cilium versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4 who deploy Hubble UI using either Cilium CLI or via the Cilium Helm chart. A user with access to a Hubble UI instance affected by this issue could leak configuration details about the Kubernetes cluster which Hubble UI is monitoring, including node names, IP addresses, and other metadata about workloads and the cluster networking configuration. In order for this vulnerability to be exploited, a victim would have to first visit a malicious page. This issue is fixed in Cilium v1.14.18, v1.15.12, and v1.16.5. As a workaround, users who deploy Hubble UI using the Cilium Helm chart directly can remove the CORS headers from the Helm template as shown in the patch from commit a3489f190ba6e87b5336ee685fb6c80b1270d06d. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T19:44:53.000000Z"}, {"uuid": "1f2367ca-a61a-478d-9bd8-55b636ee410e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23045", "type": "published-proof-of-concept", "source": "Telegram/VQDyMSiZHY5xvEKb4oih99dlPq4vD6lnAW-AaTy3B_GN-vo", "content": "", "creation_timestamp": "2025-01-28T17:02:25.000000Z"}, {"uuid": "f6b0a6d4-f3b8-4602-9b13-206dcb9cfe4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23041", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpxnl4lzb2f", "content": "", "creation_timestamp": "2025-01-14T19:16:49.556401Z"}, {"uuid": "89f73949-bad2-4d64-8967-fedd53553c8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23042", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpxnndj2s2t", "content": "", "creation_timestamp": "2025-01-14T19:16:51.656912Z"}, {"uuid": "019e90bb-d4e7-4f64-a989-5cf96dee02c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23042", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lg76k7o3pc2d", "content": "", "creation_timestamp": "2025-01-20T20:30:10.495774Z"}, {"uuid": "312bc2f8-1116-4cbf-8933-cb657877e9c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23045", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgt5rjua7s2b", "content": "", "creation_timestamp": "2025-01-28T19:09:38.577240Z"}, {"uuid": "5c0be4d3-8aa3-45cd-a656-8999c56ff977", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23047", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdxxy7mvw2j", "content": "", "creation_timestamp": "2025-01-22T18:15:53.463763Z"}, {"uuid": "98ff686f-5005-4061-8b66-ca0e62c8914a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23047", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lge5j7k7pi2e", "content": "", "creation_timestamp": "2025-01-22T19:55:07.400000Z"}, {"uuid": "2dbc79d0-f751-4bfe-8340-051722835c57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-23048", "type": "seen", "source": "https://gist.github.com/stanibaj/aca57b96987bd71f710831ed1f45b8a9", "content": "", "creation_timestamp": "2026-04-14T17:23:42.000000Z"}, {"uuid": "f520784c-8759-4cca-bf39-5ac009d95481", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-23048", "type": "seen", "source": "https://gist.github.com/stanibaj/f1eecd7ed798506a268661c2be536136", "content": "", "creation_timestamp": "2026-04-14T18:32:12.000000Z"}, {"uuid": "6deab876-ca75-493f-bbb1-76077753ca26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2304", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7546", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2304\n\ud83d\udd25 CVSS Score: 9.4 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H)\n\ud83d\udd39 Description: A Privilege Escalation through a Mass Assignment exists in Camaleon CMS\n\nWhen a user wishes to change his password, the 'updated_ajax' method of the UsersController is called. The vulnerability stems from the use of the dangerous permit!\u00a0method, which allows all parameters to pass through without any filtering.\n\ud83d\udccf Published: 2025-03-14T12:34:19.489Z\n\ud83d\udccf Modified: 2025-03-14T13:38:33.747Z\n\ud83d\udd17 References:\n1. https://www.tenable.com/security/research/tra-2025-09\n2. https://github.com/owen2345/camaleon-cms", "creation_timestamp": "2025-03-14T13:47:11.000000Z"}, {"uuid": "916e6851-fdad-403b-99f3-444664a0c49f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2304", "type": "published-proof-of-concept", "source": "Telegram/HmmEzJhZyvq9Cl_v7Ie06-_y_8uCAlQkd_ZcpfWOTCxlQxA", "content": "", "creation_timestamp": "2026-04-20T03:00:06.000000Z"}, {"uuid": "66ba96e1-42a0-468a-bdc5-889c51497469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2304", "type": "published-proof-of-concept", "source": "Telegram/LegGEKh0JTQmQ5caQ5fsgnXr59alAvRjbf9RqdH14mBAnic", "content": "", "creation_timestamp": "2026-04-25T03:00:05.000000Z"}, {"uuid": "86d125a6-5fee-4dd1-8e8e-12f356d1318a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23049", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19195", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23049\n\ud83d\udd25 CVSS Score: 8.4 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:H/SC:L/SI:L/SA:L)\n\ud83d\udd39 Description: Meridian Technique Materialise OrthoView through 7.5.1 allows OS Command Injection when servlet sharing is enabled.\n\ud83d\udccf Published: 2025-06-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-23T11:29:52.543Z\n\ud83d\udd17 References:\n1. https://www.materialise.com/en/healthcare/orthoview\n2. https://www.materialise.com/en/healthcare/orthoview/security-vulnerability", "creation_timestamp": "2025-06-23T11:46:58.000000Z"}, {"uuid": "bba3cf0b-8881-4211-85c2-a79e0d35eb5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23048", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/56511", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aThis repository contains POC scenarios as part of CVE-2025-0411 MotW bypass.\nURL\uff1ahttps://github.com/absholi7ly/CVE-2025-23048-POC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-10-22T12:46:30.000000Z"}, {"uuid": "2103202b-efaf-401b-b555-a7697b1a1aac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23044", "type": "seen", "source": "https://t.me/cvedetector/15890", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23044 - PwnDoc Cross-Site Request Forgery (CSRF) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23044 \nPublished : Jan. 20, 2025, 4:15 p.m. | 43\u00a0minutes ago \nDescription : PwnDoc is a penetration test report generator. There is no CSRF protection in pwndoc, allowing attackers to send requests on a logged-in user's behalf. This includes GET and POST requests due to the missing SameSite= attribute on cookies and the ability to refresh cookies. Commit 14acb704891245bf1703ce6296d62112e85aa995 patches the issue. \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-20T18:23:14.000000Z"}]}