{"vulnerability": "CVE-2025-27152", "sightings": [{"uuid": "d49fc923-fe31-4596-a5c4-d6aaf0c3f8f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875", "content": "", "creation_timestamp": "2026-01-21T21:18:16.771453Z"}, {"uuid": "8f36523a-7ade-4283-a43d-b1e8788516cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-27152", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mj36pji3jc2f", "content": "", "creation_timestamp": "2026-04-09T16:04:15.265934Z"}, {"uuid": "d8807362-7591-4b94-ab49-d02cabe99e02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "seen", "source": "https://t.me/cvedetector/19834", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27152 - Axios SSRF and Credential Leakage Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27152 \nPublished : March 7, 2025, 4:15 p.m. | 58\u00a0minutes ago \nDescription : axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if \u2060baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This issue impacts both server-side and client-side usage of axios. This issue is fixed in 1.8.2. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-07T18:17:23.000000Z"}, {"uuid": "be7d9e31-ab94-4ab1-a3cd-8edd15f1af21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/27242", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aDemonstration of CVE-2025-27152\nURL\uff1ahttps://github.com/andreglock/axios-ssrf\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-30T08:39:20.000000Z"}, {"uuid": "6e37dd08-4061-4fa8-a128-f34bc1f841c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6839", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27152\n\ud83d\udd25 CVSS Score: 7.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P)\n\ud83d\udd39 Description: axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if \u2060baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This issue impacts both server-side and client-side usage of axios. This issue is fixed in 1.8.2.\n\ud83d\udccf Published: 2025-03-07T15:13:15.155Z\n\ud83d\udccf Modified: 2025-03-07T15:13:15.155Z\n\ud83d\udd17 References:\n1. https://github.com/axios/axios/security/advisories/GHSA-jr5f-v2jv-69x6\n2. https://github.com/axios/axios/issues/6463", "creation_timestamp": "2025-03-07T15:35:16.000000Z"}, {"uuid": "7fa04ecb-6bfb-4246-8880-6821d7f78666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/39523", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aAxios CVE-2025-27152 PoC\nURL\uff1ahttps://github.com/davidblakecoe/axios-CVE-2025-27152-PoC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-06-06T21:24:39.000000Z"}, {"uuid": "e4e6cc64-ad5a-4dab-8755-6f24e60acfe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "published-proof-of-concept", "source": "Telegram/t2mOu0CqYZ5qLLxESiGoH_sUvRUlHAHlqkD_UKh-Uep6sL0", "content": "", "creation_timestamp": "2025-06-07T03:00:07.000000Z"}, {"uuid": "6850f6dc-a8a4-4cb3-a09c-9dc58525714e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "seen", "source": "Telegram/TAnS5-0xeCyuh1s6B64uNQalBNBPo6r9_SpP-zjLThswhZUC", "content": "", "creation_timestamp": "2025-03-08T04:35:51.000000Z"}, {"uuid": "872d3029-d22f-4716-a7f3-a456e826c625", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "seen", "source": "Telegram/uSFG0tkddRv8u_t28dz7WXn7-H4ex8B2FDIB0RbG1xO7MaAq", "content": "", "creation_timestamp": "2025-03-08T04:35:53.000000Z"}, {"uuid": "1ae70c83-bb23-466d-8034-baf32a244acb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "published-proof-of-concept", "source": "Telegram/qtf5UlSjl8ansax6HEFOWjNwUYd29vo_Y6ok0vpVyjxeaHc", "content": "", "creation_timestamp": "2025-03-30T17:00:07.000000Z"}, {"uuid": "f09aed96-62a9-4c19-bfa4-c0a518a724a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "seen", "source": "Telegram/GvPZHyEbeVxrI-_IlIz9tH0tmbQ0NIgaQyLb0r6ME-4MX0o", "content": "", "creation_timestamp": "2025-03-07T17:01:02.000000Z"}, {"uuid": "a871e3f0-43f0-4726-8ebc-11e26cde6581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lk34kmsxgc2y", "content": "", "creation_timestamp": "2025-03-11T03:24:45.761548Z"}, {"uuid": "3f4e30df-5744-44d8-9de6-3776a0c14ea9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3lk5cpdjizk2y", "content": "", "creation_timestamp": "2025-03-12T00:20:03.225802Z"}, {"uuid": "0f7ac260-7072-443c-85d8-7f062068cf3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-27152", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lk3kao2sm227", "content": "", "creation_timestamp": "2025-03-11T07:29:41.542457Z"}, {"uuid": "c98dfca1-7e96-4c6f-a395-6db196f57e20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "seen", "source": "https://bsky.app/profile/sushicomabacate.com/post/3lk445uagcc25", "content": "", "creation_timestamp": "2025-03-11T12:50:19.431883Z"}, {"uuid": "3ebb8ac7-b1ef-4c95-ba30-9e4bb416e7e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3llwgjl564x2y", "content": "", "creation_timestamp": "2025-04-03T17:30:11.044965Z"}, {"uuid": "8400863c-7522-44fb-afda-60aabc915f7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3llxdpwjlkr2n", "content": "", "creation_timestamp": "2025-04-04T02:12:41.518634Z"}, {"uuid": "73adbfbc-824b-4cfc-ad44-d6d7dfe2dae2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27152", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:34.000000Z"}]}