{"vulnerability": "CVE-2025-3123", "sightings": [{"uuid": "02b0a18a-6e1c-4e9f-953a-1f0b034756d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31231", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqdxtxy5mf2r", "content": "", "creation_timestamp": "2025-05-30T00:25:35.309981Z"}, {"uuid": "8bc07c02-bd29-4774-9340-71712acb3891", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31234", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114498979024635606", "content": "", "creation_timestamp": "2025-05-13T05:56:09.253406Z"}, {"uuid": "3112f603-3225-46e7-b7ee-05a219cc9e6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31239", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-728/", "content": "", "creation_timestamp": "2025-07-30T03:00:00.000000Z"}, {"uuid": "f4f5296d-2dd1-4127-8c53-3b54a0621454", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31238", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16277", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31238\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.\n\ud83d\udccf Published: 2025-05-12T21:42:22.605Z\n\ud83d\udccf Modified: 2025-05-14T04:01:05.663Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/122720\n2. https://support.apple.com/en-us/122716\n3. https://support.apple.com/en-us/122404\n4. https://support.apple.com/en-us/122721\n5. https://support.apple.com/en-us/122722\n6. https://support.apple.com/en-us/122719", "creation_timestamp": "2025-05-14T04:31:47.000000Z"}, {"uuid": "99863121-03d8-4a3f-99e0-b8236789df7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3123", "type": "seen", "source": "https://t.me/cvedetector/21932", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3123 - WonderCMS Unrestricted File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3123 \nPublished : April 2, 2025, 11:15 p.m. | 1\u00a0hour, 21\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in WonderCMS 3.5.0. Affected by this issue is the function installUpdateModuleAction of the component Theme Installation/Plugin Installation. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor explains, that \"[t]he philosophy has always been, admin [...] bear responsibility to not install themes/plugins from untrusted sources.\" \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T02:41:48.000000Z"}, {"uuid": "28eb2419-4045-4feb-9923-8a8e03c318e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31239", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-302/", "content": "", "creation_timestamp": "2025-05-21T03:00:00.000000Z"}, {"uuid": "ae2dd278-52e6-4c1e-b979-12dadb1db8bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31238", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-301/", "content": "", "creation_timestamp": "2025-05-21T03:00:00.000000Z"}, {"uuid": "f30efe7f-0316-4eab-b977-e18d030b8b67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31233", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-298/", "content": "", "creation_timestamp": "2025-05-21T03:00:00.000000Z"}, {"uuid": "b64a77e2-46ef-479b-a6cb-0b8ef2470603", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31237", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3loz2fzys5i2h", "content": "", "creation_timestamp": "2025-05-12T22:47:01.165769Z"}, {"uuid": "5bf7cb2a-0eeb-4c43-8c8b-0e7891c697ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31238", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3loz2g2cket2p", "content": "", "creation_timestamp": "2025-05-12T22:47:02.456300Z"}, {"uuid": "5a80f9c4-32d8-49be-b14b-57132f60f009", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31236", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3loz2g2nuaj2e", "content": "", "creation_timestamp": "2025-05-12T22:47:04.329421Z"}, {"uuid": "20f28869-0a82-4ddd-9649-78ffcad98cc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31239", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3loz2g2rbff2t", "content": "", "creation_timestamp": "2025-05-12T22:47:04.933210Z"}, {"uuid": "e9ae8cd7-c5e5-40b7-9f39-396251e5a417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31234", "type": "seen", "source": "Telegram/uS-LGh_eIl2lI_O3kT7MFmdoi3VL-1CYgYB6CRF5I8i3PT0", "content": "", "creation_timestamp": "2026-04-02T22:17:20.000000Z"}, {"uuid": "60752026-2171-4ebd-9d2d-e01b9dbf2bd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31237", "type": "seen", "source": "Telegram/uS-LGh_eIl2lI_O3kT7MFmdoi3VL-1CYgYB6CRF5I8i3PT0", "content": "", "creation_timestamp": "2026-04-02T22:17:20.000000Z"}, {"uuid": "d9fdcb37-b60e-4d04-9dcd-71a231561857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31232", "type": "seen", "source": "Telegram/uS-LGh_eIl2lI_O3kT7MFmdoi3VL-1CYgYB6CRF5I8i3PT0", "content": "", "creation_timestamp": "2026-04-02T22:17:20.000000Z"}, {"uuid": "2605d083-4ca5-4d20-a0b6-564f64d4afb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31238", "type": "seen", "source": "Telegram/uS-LGh_eIl2lI_O3kT7MFmdoi3VL-1CYgYB6CRF5I8i3PT0", "content": "", "creation_timestamp": "2026-04-02T22:17:20.000000Z"}, {"uuid": "66c8d22d-e41b-417d-a7a4-955f0d59bc03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31235", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16112", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31235\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A double free issue was addressed with improved memory management. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to cause unexpected system termination.\n\ud83d\udccf Published: 2025-05-12T21:42:17.107Z\n\ud83d\udccf Modified: 2025-05-13T13:19:21.777Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/122716\n2. https://support.apple.com/en-us/122405\n3. https://support.apple.com/en-us/122717\n4. https://support.apple.com/en-us/122718", "creation_timestamp": "2025-05-13T13:30:25.000000Z"}, {"uuid": "98dd6399-61e1-4ead-a726-732e402560ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31239", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16113", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31239\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Parsing a file may lead to an unexpected app termination.\n\ud83d\udccf Published: 2025-05-12T21:42:21.804Z\n\ud83d\udccf Modified: 2025-05-13T13:14:43.136Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/122720\n2. https://support.apple.com/en-us/122716\n3. https://support.apple.com/en-us/122405\n4. https://support.apple.com/en-us/122404\n5. https://support.apple.com/en-us/122717\n6. https://support.apple.com/en-us/122721\n7. https://support.apple.com/en-us/122722\n8. https://support.apple.com/en-us/122718", "creation_timestamp": "2025-05-13T13:30:27.000000Z"}, {"uuid": "4721c0ae-97d0-42db-88e1-e882b7d88290", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31232", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16205", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31232\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. A sandboxed app may be able to access sensitive user data.\n\ud83d\udccf Published: 2025-05-12T21:42:34.632Z\n\ud83d\udccf Modified: 2025-05-13T19:13:57.072Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/122716\n2. https://support.apple.com/en-us/122717\n3. https://support.apple.com/en-us/122718", "creation_timestamp": "2025-05-13T19:31:01.000000Z"}, {"uuid": "bb619707-0b49-4ea2-8558-f8bfcee61ec4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31239", "type": "seen", "source": "https://t.me/cvedetector/25132", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31239 - A use-after-free issue was addressed with improved\", \n  \"Content\": \"CVE ID : CVE-2025-31239 \nPublished : May 12, 2025, 10:15 p.m. | 15\u00a0minutes ago \nDescription : A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Parsing a file may lead to an unexpected app termination. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T01:19:32.000000Z"}, {"uuid": "cc7212d7-5ced-4cbc-b76e-819acdc851d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31237", "type": "seen", "source": "https://t.me/cvedetector/25134", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31237 - This issue was addressed with improved checks. Thi\", \n  \"Content\": \"CVE ID : CVE-2025-31237 \nPublished : May 12, 2025, 10:15 p.m. | 15\u00a0minutes ago \nDescription : This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. Mounting a maliciously crafted AFP network share may lead to system termination. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T01:19:34.000000Z"}, {"uuid": "81ee13b8-47d5-4365-9413-fc7580961279", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3123", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lluwbce72q2u", "content": "", "creation_timestamp": "2025-04-03T03:06:32.358437Z"}, {"uuid": "a339a9d4-6775-4da9-a219-f2768405bad1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31235", "type": "seen", "source": "https://projectzero.google/2026/01/sound-barrier-2.html", "content": "", "creation_timestamp": "2026-01-30T07:00:00.000000Z"}, {"uuid": "2fef542f-4a0e-45b2-83cd-80cc8547f8f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3123", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10230", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3123\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in WonderCMS 3.5.0. Affected by this issue is the function installUpdateModuleAction of the component Theme Installation/Plugin Installation. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor explains, that \"[t]he philosophy has always been, admin [...] bear responsibility to not install themes/plugins from untrusted sources.\"\n\ud83d\udccf Published: 2025-04-02T22:31:04.900Z\n\ud83d\udccf Modified: 2025-04-03T14:07:27.286Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303014\n2. https://vuldb.com/?ctiid.303014\n3. https://vuldb.com/?submit.525101\n4. https://github.com/WonderCMS/wondercms/issues/330\n5. https://github.com/WonderCMS/wondercms/issues/330#issuecomment-2745347770\n6. https://github.com/WonderCMS/wondercms/issues/330#issue-2940381112", "creation_timestamp": "2025-04-03T14:35:19.000000Z"}, {"uuid": "4f0b4ab5-e860-4052-8120-742a8bd39d4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31236", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16067", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31236\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.\n\ud83d\udccf Published: 2025-05-12T21:43:03.702Z\n\ud83d\udccf Modified: 2025-05-12T21:43:03.702Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/122716", "creation_timestamp": "2025-05-12T22:29:20.000000Z"}, {"uuid": "1730fb06-afa5-4909-813d-24551a02916d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31235", "type": "published-proof-of-concept", "source": "https://t.me/AfroHax/2901", "content": "MacOS Sandbox Escape via Double Free in coreaudiod/CoreAudio Framework\n\nhttps://project-zero.issues.chromium.org/issues/406271181\n\nCVE-2025-31235", "creation_timestamp": "2025-06-25T16:41:43.000000Z"}, {"uuid": "6a60ead6-e22a-4405-bff4-4589972db49c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31236", "type": "seen", "source": "https://t.me/cvedetector/25129", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31236 - An information disclosure issue was addressed with\", \n  \"Content\": \"CVE ID : CVE-2025-31236 \nPublished : May 12, 2025, 10:15 p.m. | 15\u00a0minutes ago \nDescription : An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T01:19:27.000000Z"}, {"uuid": "0242fe29-8d24-45da-91f7-18636f715ef5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31238", "type": "seen", "source": "https://t.me/cvedetector/25130", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31238 - The issue was addressed with improved checks. This\", \n  \"Content\": \"CVE ID : CVE-2025-31238 \nPublished : May 12, 2025, 10:15 p.m. | 15\u00a0minutes ago \nDescription : The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T01:19:28.000000Z"}]}