{"vulnerability": "CVE-2025-4164", "sightings": [{"uuid": "18267451-8a46-4cac-b92c-56301d1dcfbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4164", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14259", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4164\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file changepassword.php. The manipulation of the argument currentpassword leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-01T12:00:08.150Z\n\ud83d\udccf Modified: 2025-05-01T12:00:08.150Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.306696\n2. https://vuldb.com/?ctiid.306696\n3. https://vuldb.com/?submit.561140\n4. https://github.com/ideal-valli/myCVE/issues/2\n5. https://phpgurukul.com/", "creation_timestamp": "2025-05-01T12:14:38.000000Z"}, {"uuid": "9cd48d33-7e2f-4cf3-b691-ad7477447e5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41645", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16115", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-41645\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N)\n\ud83d\udd39 Description: An unauthenticated remote attacker could use a demo account of the portal to hijack devices that were created in that account by mistake.\n\ud83d\udccf Published: 2025-05-13T08:47:33.564Z\n\ud83d\udccf Modified: 2025-05-13T13:11:10.091Z\n\ud83d\udd17 References:\n1. https://cert.vde.com/en/advisories/VDE-2025-010", "creation_timestamp": "2025-05-13T13:30:28.000000Z"}, {"uuid": "35438199-7f93-45b9-a04e-4c893ccb5f9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "published-proof-of-concept", "source": "Telegram/itekV_7Xkp3Ho6cERYVofdzl_aqFgFj-j1LEcvC2Ybxwbi8", "content": "", "creation_timestamp": "2025-07-04T15:00:06.000000Z"}, {"uuid": "572897a6-f0a8-4be6-a915-8bdde59ad78e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41647", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114743430656754000", "content": "", "creation_timestamp": "2025-06-25T10:03:25.110857Z"}, {"uuid": "fa4a8f88-3193-407a-b124-68fe0b361cf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41647", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lsgebc7eqrc2", "content": "", "creation_timestamp": "2025-06-25T10:03:46.773058Z"}, {"uuid": "970760a3-4a51-441d-89fb-ca8c46638fc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41647", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsgtfwpwrf2k", "content": "", "creation_timestamp": "2025-06-25T14:34:31.706774Z"}, {"uuid": "2e86cadc-f52b-456c-be0e-e8868570bdd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41648", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsvcyg4ix22k", "content": "", "creation_timestamp": "2025-07-01T08:50:34.211533Z"}, {"uuid": "f330fc7b-8ca1-4b58-8b87-e44d3edbb4b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "seen", "source": "MISP/853ff921-86fb-463b-bc2a-2860bf336b81", "content": "", "creation_timestamp": "2025-08-06T01:04:20.000000Z"}, {"uuid": "c99f7931-e981-48cb-9541-2291dda73996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-22)", "content": "", "creation_timestamp": "2025-09-22T00:00:00.000000Z"}, {"uuid": "b2975aef-4dae-4f7a-bf59-a195d3bb1388", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-25)", "content": "", "creation_timestamp": "2026-01-25T00:00:00.000000Z"}, {"uuid": "880f798b-7ae9-489a-889b-34e96070954f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-15)", "content": "", "creation_timestamp": "2026-02-15T00:00:00.000000Z"}, {"uuid": "6278d9ad-128b-4df2-99eb-5b85d607911a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41647", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19428", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-41647\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: A local, low-privileged attacker can learn the password of the connected controller in PLC Designer V4 due to an incorrect implementation that results in the password being displayed in plain text under special conditions.\n\ud83d\udccf Published: 2025-06-25T09:40:37.325Z\n\ud83d\udccf Modified: 2025-06-25T09:40:37.325Z\n\ud83d\udd17 References:\n1. https://certvde.com/en/advisories/VDE-2025-043/", "creation_timestamp": "2025-06-25T09:47:38.000000Z"}, {"uuid": "99928acf-4a5f-4f12-82e8-2096c2cf9696", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41648", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lsxfk37off2s", "content": "", "creation_timestamp": "2025-07-02T04:41:33.989482Z"}, {"uuid": "b65dfbd3-50c6-4be6-8027-36b234581d24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41649", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lq5dessbva62", "content": "", "creation_timestamp": "2025-05-27T09:07:04.046044Z"}, {"uuid": "b58b3ea0-ccbb-4229-b26c-23fc699cca73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41649", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq5e723s3jt2", "content": "", "creation_timestamp": "2025-05-27T09:18:05.527775Z"}, {"uuid": "dc30f481-968c-4781-b494-93d9e90e9d6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41649", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lq5fou6mls2s", "content": "", "creation_timestamp": "2025-05-27T09:44:38.199494Z"}, {"uuid": "3ef6b6af-1f51-4845-90c8-36c2836e5737", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114637183702998002", "content": "", "creation_timestamp": "2025-06-06T15:43:25.460976Z"}, {"uuid": "16bb4e0f-9114-4331-871f-6d6149d2fe33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqxjkfs4n42r", "content": "", "creation_timestamp": "2025-06-06T19:02:56.834561Z"}, {"uuid": "ceeb904e-ed56-4237-a386-a0d087e75ff7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lr7y5m4xz52m", "content": "", "creation_timestamp": "2025-06-10T03:45:31.140339Z"}, {"uuid": "7501054b-e3eb-4586-81b8-f8dde2d3ed70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3luqgm5o7wq2p", "content": "", "creation_timestamp": "2025-07-24T21:02:26.973929Z"}, {"uuid": "266532f2-98b3-4bc0-a836-1572f24523a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-12)", "content": "", "creation_timestamp": "2025-09-12T00:00:00.000000Z"}, {"uuid": "af74537f-0967-4acc-8b78-d35f7a51bb86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "seen", "source": "MISP/853ff921-86fb-463b-bc2a-2860bf336b81", "content": "", "creation_timestamp": "2025-08-21T10:03:55.000000Z"}, {"uuid": "2ed5c6ba-4432-483a-98a3-35963249d60f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/42935", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-41646 - Critical Authentication bypass\nURL\uff1ahttps://github.com/cyberre124/CVE-2025-41646---Critical-Authentication-Bypass-\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-07-04T07:38:13.000000Z"}, {"uuid": "3d03a20c-d618-40aa-a84f-866a861e3372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41649", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17616", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-41649\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: An unauthenticated remote attacker can exploit insufficient input validation to write data beyond the bounds of a buffer, potentially leading to a denial-of-service condition for the devices.\n\ud83d\udccf Published: 2025-05-27T08:37:26.201Z\n\ud83d\udccf Modified: 2025-05-27T08:37:26.201Z\n\ud83d\udd17 References:\n1. https://certvde.com/en/advisories/VDE-2025-044/", "creation_timestamp": "2025-05-27T08:48:03.000000Z"}, {"uuid": "05bfa960-7c70-4e66-9fa3-6d684dfe95c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4164", "type": "published-proof-of-concept", "source": "Telegram/ZXv_rB_pqOR5DtsPshb5WT_BQ7P5eXKoxldchqk3nGxxysE", "content": "", "creation_timestamp": "2025-05-01T15:00:17.000000Z"}, {"uuid": "81f1eb43-2c87-40a7-8d62-4a1f85363dfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-191-09", "content": "", "creation_timestamp": "2025-07-10T10:00:00.000000Z"}, {"uuid": "0a39eb6c-6d84-4b9c-9e8f-b0d20a75c7fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ltfoohn2nn23", "content": "", "creation_timestamp": "2025-07-07T21:02:23.562961Z"}, {"uuid": "fa9ecb03-54bb-4eb8-8c70-437592fab76e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41649", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114578985199381688", "content": "", "creation_timestamp": "2025-05-27T13:03:58.537300Z"}, {"uuid": "6b0d4dae-71e1-4ed6-a126-dda911512fcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41648", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114776963668841559", "content": "", "creation_timestamp": "2025-07-01T08:11:18.310968Z"}, {"uuid": "9140ead8-68ef-4990-b517-dfb8620b19df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41648", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lsvasby3epc2", "content": "", "creation_timestamp": "2025-07-01T08:11:37.628775Z"}, {"uuid": "8bfca466-669a-404c-9002-0727f0c220a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41648", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114777942846063884", "content": "", "creation_timestamp": "2025-07-01T12:20:19.785306Z"}, {"uuid": "3fc3eafd-bdfc-44d3-a589-3d6cdda94426", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-30)", "content": "", "creation_timestamp": "2025-07-30T00:00:00.000000Z"}, {"uuid": "34566602-6aa1-4fa9-8cae-cbf910029fe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-11)", "content": "", "creation_timestamp": "2025-11-11T00:00:00.000000Z"}, {"uuid": "ae936781-94c9-46d7-8a7b-d63870232899", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-14)", "content": "", "creation_timestamp": "2025-10-14T00:00:00.000000Z"}, {"uuid": "dd526cc6-9a55-4604-a0e9-580413ac95ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-29)", "content": "", "creation_timestamp": "2025-09-29T00:00:00.000000Z"}, {"uuid": "a08284a3-289c-4df1-aaa3-348f33b4372b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-18)", "content": "", "creation_timestamp": "2025-12-18T00:00:00.000000Z"}, {"uuid": "7ec49b93-555f-4ebf-a727-eb69e9559c2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41646", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-04)", "content": "", "creation_timestamp": "2026-02-04T00:00:00.000000Z"}]}