{"vulnerability": "CVE-2025-2885", "sightings": [{"uuid": "3139fb9a-ce0c-4f40-bae5-79e56710594e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-28856", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:34.000000Z"}, {"uuid": "72984d34-83c6-4ec2-ad2e-bf93e7c2e1da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-28859", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:34.000000Z"}, {"uuid": "5be3fee3-98cd-4cc9-ba83-f04bd8a83ca4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-28859", "type": "seen", "source": "Telegram/5hc_GDBIhvPMdlkY5wvlRmFRduPyEoAyugjukrE5SSxvAy4", "content": "", "creation_timestamp": "2026-04-01T21:28:56.000000Z"}, {"uuid": "ab79e5c6-ae33-425c-896d-e564917b48e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-28858", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8913", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-28858\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arrow Plugins Arrow Maps allows Reflected XSS. This issue affects Arrow Maps: from n/a through 1.0.9.\n\ud83d\udccf Published: 2025-03-26T14:24:21.625Z\n\ud83d\udccf Modified: 2025-03-26T16:21:00.200Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/ap-google-maps/vulnerability/wordpress-arrow-maps-plugin-1-0-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-26T17:25:46.000000Z"}, {"uuid": "1e486cf7-6302-454b-991e-c2673c40b4bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2885", "type": "seen", "source": "https://t.me/cvedetector/21340", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2885 - Apache HTTP Server XML External Entity (XXE) Injection\", \n  \"Content\": \"CVE ID : CVE-2025-2885 \nPublished : March 27, 2025, 11:15 p.m. | 38\u00a0minutes ago \nDescription : Missing validation of the root metatdata version number could allow an actor to supply an arbitrary version number to the client instead of the intended version in the root metadata file, altering the version fetched by the client. Users should upgrade to tough version 0.20.0 or later and ensure any forked or derivative code is patched to incorporate the new fixes. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-28T01:01:04.000000Z"}, {"uuid": "10f00be6-1827-46b4-900c-7c4e6940d05b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-28856", "type": "seen", "source": "Telegram/5hc_GDBIhvPMdlkY5wvlRmFRduPyEoAyugjukrE5SSxvAy4", "content": "", "creation_timestamp": "2026-04-01T21:28:56.000000Z"}, {"uuid": "31427b37-701f-4a52-bfdd-2183ab6e4955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2885", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9231", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2885\n\ud83d\udd25 CVSS Score: 5.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: When updating the root role, a TUF client must establish a trusted line of continuity to the latest set of keys. While sequentially downloading new versions of the root metadata file, tough will not check that the root object version it received was the next sequential version from the previously trusted root metadata. As a result, tough could trust content associated with a previous root role. The tough client will trust an unexpected root role in the event that an actor with control of the storage medium of a trusted TUF repository inappropriately replaced the contents of one of the root metadata files with an adequately signed previous version. As a result, tough could trust content associated with a previous root role.\n\ud83d\udccf Published: 2025-03-27T22:18:11.727Z\n\ud83d\udccf Modified: 2025-03-27T22:18:11.727Z\n\ud83d\udd17 References:\n1. https://github.com/awslabs/tough/security/advisories/GHSA-5vmp-m5v2-hx47\n2. https://aws.amazon.com/security/security-bulletins/AWS-2025-007/", "creation_timestamp": "2025-03-27T22:36:39.000000Z"}]}