{"vulnerability": "CVE-2025-3165", "sightings": [{"uuid": "12365b4e-cc69-47fe-b156-08dd934eacd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "d2ce79ee-4c34-41e2-8910-6e377730f32f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "published-proof-of-concept", "source": "Telegram/rBaPl4sjefefGjtIOq0wRgeUeB04ehobTToj1DG4HqrzyBQ", "content": "", "creation_timestamp": "2025-06-13T21:00:05.000000Z"}, {"uuid": "28d5390f-f621-40f3-bf76-98180285093d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13748", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31650\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service.\n\nThis issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5.\n\nUsers are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.\n\ud83d\udccf Published: 2025-04-28T19:14:31.107Z\n\ud83d\udccf Modified: 2025-04-28T22:02:46.448Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/j6zzk0y3yym9pzfzkq5vcyxzz0yzh826", "creation_timestamp": "2025-04-28T22:10:54.000000Z"}, {"uuid": "98af8d2b-3673-43a3-b9f3-65b7b5de51e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13747", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31651\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat.\u00a0For a subset of unlikely rewrite rule configurations, it was possible \nfor a specially crafted request to bypass some rewrite rules. If those \nrewrite rules effectively enforced security constraints, those \nconstraints could be bypassed.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102.\n\nUsers are recommended to upgrade to version [FIXED_VERSION], which fixes the issue.\n\ud83d\udccf Published: 2025-04-28T19:17:21.721Z\n\ud83d\udccf Modified: 2025-04-28T22:02:47.596Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/list.html?announce@tomcat.apache.org", "creation_timestamp": "2025-04-28T22:10:53.000000Z"}, {"uuid": "9ad1a1af-8692-431b-90d9-93a32b44803a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3165", "type": "seen", "source": "https://t.me/cvedetector/21993", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3165 - Thu-Pacman Chitu Deserialization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3165 \nPublished : April 3, 2025, 4:15 p.m. | 47\u00a0minutes ago \nDescription : A vulnerability classified as critical has been found in thu-pacman chitu 0.1.0. This affects the function torch.load of the file chitu/chitu/backend.py. The manipulation of the argument ckpt_path/quant_ckpt_dir leads to deserialization. An attack has to be approached locally. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T19:25:00.000000Z"}, {"uuid": "4ec8132d-3281-4d3c-8b53-2cd29c9f61b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3165", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llwlvm4ju62h", "content": "", "creation_timestamp": "2025-04-03T19:06:22.007815Z"}, {"uuid": "d8c41ffc-09f9-46d3-8553-216be568223b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lr34b24fl222", "content": "", "creation_timestamp": "2025-06-08T05:15:45.982513Z"}, {"uuid": "e113c4bf-d3e0-4ea8-aee4-430ca3559a19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3lqx3wt2lrs2h", "content": "", "creation_timestamp": "2025-06-06T14:59:23.786472Z"}, {"uuid": "efaa0760-b16b-45c8-ad96-1f4812c2afdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q2/101", "content": "", "creation_timestamp": "2025-04-28T17:45:13.000000Z"}, {"uuid": "1dfbd94d-bc03-4fc4-a065-26a9f14c6718", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q2/100", "content": "", "creation_timestamp": "2025-04-28T17:42:38.000000Z"}, {"uuid": "af5a1c85-98f8-402f-887d-7e796fddfb7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3mduenjpmz322", "content": "", "creation_timestamp": "2026-02-02T07:55:56.872329Z"}, {"uuid": "8aecf62d-b667-4355-8e53-c4e801b2ae25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3165", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10260", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3165\n\ud83d\udd25 CVSS Score: 4.8 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as critical has been found in thu-pacman chitu 0.1.0. This affects the function torch.load of the file chitu/chitu/backend.py. The manipulation of the argument ckpt_path/quant_ckpt_dir leads to deserialization. An attack has to be approached locally.\n\ud83d\udccf Published: 2025-04-03T16:00:14.104Z\n\ud83d\udccf Modified: 2025-04-03T16:00:14.104Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303111\n2. https://vuldb.com/?ctiid.303111\n3. https://vuldb.com/?submit.542529\n4. https://github.com/thu-pacman/chitu/issues/32", "creation_timestamp": "2025-04-03T16:34:53.000000Z"}, {"uuid": "b0e07517-cee6-4f78-a16e-a0116e8daeb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/40330", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-31650\nURL\uff1ahttps://github.com/assad12341/Dos-exploit-\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-06-13T14:34:40.000000Z"}, {"uuid": "95ba62b8-623e-47b6-b34a-4dba7cbb885e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/34802", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-31650 PoC\nURL\uff1ahttps://github.com/tunahantekeoglu/CVE-2025-31650\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-30T11:00:11.000000Z"}, {"uuid": "bff094f9-bd8a-4f1c-921e-01a0e3fa7b08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://t.me/true_secator/7151", "content": "\u0412 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u0438 \u043d\u0435\u0434\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0442\u0438\u043c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0443\u0433\u0440\u043e\u0437\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0438\u043c\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f:\n\n1. BeyondTrust \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043a\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430.\n\nCVE-2025-5309 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Resilion\u00a0\u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b BeyondTrust Remote Support \u0438 Privileged Remote Access. \n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0448\u0430\u0431\u043b\u043e\u043d\u0438\u0437\u0430\u0442\u043e\u0440 BeyondTrust \u0438 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b.\n\n2. Citrix \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u00a0\u0434\u043b\u044f \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0442\u0440\u0435\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 (CVE-2025-5777) \u0432 NetScaler ADC \u0438 NetScaler Gateway.\n\nCitrix \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u043a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043d\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435.\u00a0\n\n3. \u0414\u0436\u043e\u043d\u0430\u0442\u0430\u043d \u041c\u044d\u043d\u043d\u0445\u0435\u043d \u043e\u0442\u044b\u0441\u043a\u0430\u043b \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 Erlang/OTP ZIP-\u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0430\u0431\u0441\u043e\u043b\u044e\u0442\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0438\u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043b\u044e\u0431\u043e\u0439 \u043f\u0443\u0442\u044c \u043f\u043e \u0441\u0432\u043e\u0435\u043c\u0443 \u0443\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u0438\u044e.\n\n4. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 CrowdStrike \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043e\u0431\u0437\u043e\u0440 \u043d\u0430\u0441\u0442\u0443\u043f\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u043a\u0438, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u043a\u0430\u043a \u043e\u0431\u0445\u043e\u0434 AMSI \u0431\u0435\u0437 \u043f\u0430\u0442\u0447\u0435\u0439, \u0435\u0435 \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0433\u043e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f.\n\n5. Cisco \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u0434\u0432\u0430 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0432\u043e\u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439.\n\n6. Atlassian \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430\u00a0\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u043f\u044f\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u044f\u0445 Bamboo, Bitbucket, Confluence, Crowd \u0438 Jira.\n\n\u041a \u043d\u0438\u043c \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f CVE-2025-22228 (\u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f \u0432 Spring), CVE-2025-24970 (DoS \u0432 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 Netty), CVE-2024-38816 (\u043e\u0431\u0445\u043e\u0434 \u043f\u0443\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0439 \u0441 \u0432\u0435\u0431-\u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430\u043c\u0438 WebMvc.fn \u0438 WebFlux.fn), CVE-2024-57699 (DoS \u0432 Netplex Json-smart) \u0438 CVE-2025-31650 (DoS \u0432 Apache Tomcat).\n\n7. Microsoft \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e \u043f\u043b\u0430\u043d\u0430\u0445 \u043f\u0435\u0440\u0438\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0438\u0437 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0426\u0435\u043d\u0442\u0440\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows \u0434\u043b\u044f \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0440\u0438\u0441\u043a\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u043e\u0441\u0442\u0438.\n\n8. GreyNoise \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u0432\u0441\u043f\u043b\u0435\u0441\u043a\u0435 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2023-28771 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9,8) \u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u0430\u0445 Zyxel, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0436\u0435 \u0434\u0432\u0430 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u0432\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u043c \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai.\n\n9. \u041d\u0435\u0434\u0430\u0432\u043d\u044f\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Langflow, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a CVE-2025-3248, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0432\u043e\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 \u0431\u043e\u0442\u043d\u0435\u0442 Flodrix, \u043e \u0447\u0435\u043c \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 Trend Micro.\n\n\u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Langflow, \u0430 \u0437\u0430\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043e\u0434\u0438\u043d \u0438\u0437 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 PoC, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0435 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u0440\u0430\u0437\u0432\u0435\u0434\u044b\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445.", "creation_timestamp": "2025-06-20T18:30:05.000000Z"}, {"uuid": "f877ff3d-bc01-49b7-a10d-1b71dfa2c932", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://t.me/proxy_bar/2634", "content": "CVE-2025-31650\n*\nApache Tomcat ver 10.1.39\n*\nDOS exploit", "creation_timestamp": "2025-06-06T18:30:39.000000Z"}, {"uuid": "42d30747-bcc7-4417-bf69-1e8ff9f42b5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://t.me/cvedetector/23954", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31651 - Apache Tomcat Improper Neutralization of Escape, Meta, or Control Sequences\", \n  \"Content\": \"CVE ID : CVE-2025-31651 \nPublished : April 28, 2025, 8:15 p.m. | 1\u00a0hour, 35\u00a0minutes ago \nDescription : Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat.\u00a0For a subset of unlikely rewrite rule configurations, it was possible   \nfor a specially crafted request to bypass some rewrite rules. If those   \nrewrite rules effectively enforced security constraints, those   \nconstraints could be bypassed.  \n  \nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102.  \n  \nUsers are recommended to upgrade to version [FIXED_VERSION], which fixes the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T00:06:30.000000Z"}, {"uuid": "d04ea78c-112e-4b4e-8075-1fd38b00275d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://t.me/cvedetector/23953", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31650 - Apache Tomcat HTTP Priority Header Memory Leak DoS\", \n  \"Content\": \"CVE ID : CVE-2025-31650 \nPublished : April 28, 2025, 8:15 p.m. | 1\u00a0hour, 35\u00a0minutes ago \nDescription : Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service.  \n  \nThis issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5.  \n  \nUsers are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T00:06:29.000000Z"}, {"uuid": "2c39ec5c-d02f-4bc7-a995-5e78bd608fdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "published-proof-of-concept", "source": "Telegram/Wd4A-7wpVGztYFK_9NpdN9E_8ZqWn7o9-NhxflwW2uiDZuQ", "content": "", "creation_timestamp": "2025-05-02T17:00:13.000000Z"}, {"uuid": "7046eb0b-a647-42b7-947c-34dfaecba6af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "published-proof-of-concept", "source": "Telegram/y2l5Yx5uKW94E7t6fGqmFzUShRXCrJYUPIKinN2hvDkbmL0", "content": "", "creation_timestamp": "2025-04-30T21:00:05.000000Z"}, {"uuid": "d45230e8-b56a-4e88-9434-1e63f9ab7e81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lq43lzc3bc23", "content": "", "creation_timestamp": "2025-05-26T21:11:26.109690Z"}, {"uuid": "f0ca002e-5986-4f4c-92d7-5e5f0a91aa7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31654", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-04", "content": "", "creation_timestamp": "2025-04-15T10:00:00.000000Z"}, {"uuid": "906cbd59-7a49-408e-b2b9-76dd4c722ae3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31654", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmv5o3jphj2v", "content": "", "creation_timestamp": "2025-04-15T22:44:17.273659Z"}, {"uuid": "276ef77f-b721-42f5-b417-2c729c2bdfd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvjlbvvtqy25", "content": "", "creation_timestamp": "2025-08-03T21:02:46.379549Z"}, {"uuid": "292158dd-d2f7-4f0c-a43f-f77ab47cd7e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvjlbvyc332w", "content": "", "creation_timestamp": "2025-08-03T21:02:46.959171Z"}, {"uuid": "111b5935-c8e8-46d0-8a02-52e4fdba5c8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "eb4cb434-6c1a-4256-ab18-0b004bd6725c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/34699", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aA tool designed to detect the vulnerability **CVE-2025-31650** in Apache Tomcat (versions 10.1.10 to 10.1.39)\nURL\uff1ahttps://github.com/absholi7ly/TomcatKiller-CVE-2025-31650\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-30T02:25:51.000000Z"}, {"uuid": "f0022abc-97f5-4ae6-a948-64c57f4fc763", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31654", "type": "seen", "source": "https://t.me/cvedetector/23021", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31654 - Vulnerability Title: \"SmartThings Rooms Information Disclosure\"\", \n  \"Content\": \"CVE ID : CVE-2025-31654 \nPublished : April 15, 2025, 10:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : An attacker can get information about the groups of the smart home devices for arbitrary users (i.e., \"rooms\"). \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T01:48:53.000000Z"}, {"uuid": "490d726f-0c83-4ec6-9a8b-0e01f9410329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31651", "type": "published-proof-of-concept", "source": "Telegram/ZxsIaa5eZFUaiSvD4DlOA2nuaXeqbYgdUu5BG2utsXAUqUs", "content": "", "creation_timestamp": "2025-04-08T11:00:06.000000Z"}, {"uuid": "3dea2512-4250-47fd-a30a-64d5806eff04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114417286197128762", "content": "", "creation_timestamp": "2025-04-28T19:40:35.677251Z"}, {"uuid": "38372425-3bec-492e-81ba-49eb867776ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114417316809865035", "content": "", "creation_timestamp": "2025-04-28T19:48:23.109208Z"}, {"uuid": "3981e2e4-d598-42d5-a157-5d8c8535c0e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lnvjy3eksk2r", "content": "", "creation_timestamp": "2025-04-28T19:49:41.124589Z"}, {"uuid": "8ed9f8bd-80ef-46f6-a23f-512af37c9c86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lnvl3vhqjc24", "content": "", "creation_timestamp": "2025-04-28T20:09:42.954853Z"}, {"uuid": "4d747ba1-1bbc-4a09-a795-d1c06976f8f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lnvz4ow7zc2o", "content": "", "creation_timestamp": "2025-04-29T00:20:47.121355Z"}, {"uuid": "faef4434-715c-45de-8ad4-736dd95b68ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lnvz4ow7zc2o", "content": "", "creation_timestamp": "2025-04-29T00:20:47.212970Z"}, {"uuid": "78c440b5-ecec-42e3-8c98-225e8d6d0034", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3lnyltflykk2c", "content": "", "creation_timestamp": "2025-04-30T01:00:54.629031Z"}, {"uuid": "b53c7c0f-2195-45f4-90d7-ad694395729f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lomw25qstk2k", "content": "", "creation_timestamp": "2025-05-08T02:56:49.849898Z"}, {"uuid": "aeeb0b07-7b03-4040-ba02-e34fda1f01fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lomw25qstk2k", "content": "", "creation_timestamp": "2025-05-08T02:56:49.944133Z"}, {"uuid": "b0028080-adbf-44bf-8d2d-f0ac3ac39316", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://bsky.app/profile/osanpo.bsky.social/post/3lonmlkdknd2r", "content": "", "creation_timestamp": "2025-05-08T09:40:15.549215Z"}, {"uuid": "7c019c06-6b12-4e37-b991-3db37e4c0a83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://bsky.app/profile/osanpo.bsky.social/post/3lonmlkdknd2r", "content": "", "creation_timestamp": "2025-05-08T09:40:15.645429Z"}, {"uuid": "9d849ee9-e77b-4771-9f43-54063d80baee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://bsky.app/profile/opsmatters.com/post/3lopdjsyfia2h", "content": "", "creation_timestamp": "2025-05-09T02:03:33.533177Z"}, {"uuid": "a184ba1e-880e-41a7-ad56-a3b70e2bfe69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lorka6d4ak25", "content": "", "creation_timestamp": "2025-05-09T23:08:45.970205Z"}, {"uuid": "59c0f816-0d5b-4800-9cc1-08222681311c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-31650", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-8d43072a-7f738f3396347f38", "content": "", "creation_timestamp": "2025-06-07T15:33:03.766864Z"}]}