{"vulnerability": "CVE-2025-23167", "sightings": [{"uuid": "7bdc2cd3-2d1b-43d3-99fa-8e3c1e896652", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23167", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lpknspp2t224", "content": "", "creation_timestamp": "2025-05-19T22:49:24.064076Z"}, {"uuid": "256ff31b-dfeb-4f88-8faf-8d11a11beaea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23167", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lpimlbe4uk2k", "content": "", "creation_timestamp": "2025-05-19T03:22:00.667540Z"}, {"uuid": "17d12c9e-dcab-49da-8dd6-7c56ecc06f18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23167", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpissi3vzm2h", "content": "", "creation_timestamp": "2025-05-19T05:13:24.246415Z"}, {"uuid": "18a41d0f-b4ae-49b2-bcb6-72bc2b64edfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23167", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114533101879861749", "content": "", "creation_timestamp": "2025-05-19T06:34:02.674843Z"}, {"uuid": "73d96056-5061-42a5-996d-bb3f09258591", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23167", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lp6d5gqzx327", "content": "", "creation_timestamp": "2025-05-15T01:06:34.992091Z"}, {"uuid": "f2bea07f-f066-48d2-88a2-a82a76d133e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23167", "type": "published-proof-of-concept", "source": "Telegram/5aUcibga9ahdvEaXGsFmNWu2zpz13cdX6Lx4aj6F7TA15sg", "content": "", "creation_timestamp": "2025-07-15T23:00:10.000000Z"}, {"uuid": "9dae0b58-c8de-43e1-affc-c89833fe5275", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23167", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16795", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23167\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: A flaw in Node.js 20's HTTP parser allows improper termination of HTTP/1 headers using `\\r\\n\\rX` instead of the required `\\r\\n\\r\\n`.\nThis inconsistency enables request smuggling, allowing attackers to bypass proxy-based access controls and submit unauthorized requests.\n\nThe issue was resolved by upgrading `llhttp` to version 9, which enforces correct header termination.\n\nImpact:\n* This vulnerability affects only Node.js 20.x users prior to the `llhttp` v9 upgrade.\n\ud83d\udccf Published: 2025-05-19T01:25:08.454Z\n\ud83d\udccf Modified: 2025-05-19T01:25:08.454Z\n\ud83d\udd17 References:\n1. https://nodejs.org/en/blog/vulnerability/may-2025-security-releases", "creation_timestamp": "2025-05-19T02:38:12.000000Z"}, {"uuid": "955c525f-fd39-4195-9fa6-4f4b66723162", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23167", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/44148", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aWorking exploit for CVE-2025-23167 \u2013 HTTP request smuggling in vulnerable Node.js 20.x versions before 20.19.2\nURL\uff1ahttps://github.com/abhisek3122/CVE-2025-23167\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-07-15T17:52:54.000000Z"}, {"uuid": "aae954c0-c18c-460e-a88a-76c918e02c83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23167", "type": "published-proof-of-concept", "source": "Telegram/c1X437Ek3vsixCqU5hVEjHgEJk4FAvI3A_M_-ydLgFXxT70", "content": "", "creation_timestamp": "2025-07-15T21:00:04.000000Z"}]}