{"vulnerability": "CVE-2025-4166", "sightings": [{"uuid": "a5261abc-f26f-433b-a64d-b84383cb2100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-41669", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116645334969189092", "content": "", "creation_timestamp": "2026-05-27T07:22:42.065598Z"}, {"uuid": "363aebd5-b2d1-42c8-8d06-a628a3797987", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41666", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114816362788303261", "content": "", "creation_timestamp": "2025-07-08T07:11:01.173417Z"}, {"uuid": "acb8becc-0908-4862-a822-751e10b158f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41667", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114816362788303261", "content": "", "creation_timestamp": "2025-07-08T07:11:01.291370Z"}, {"uuid": "9b9a3b8b-950f-4bf5-b659-5fd40bbaa6e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41668", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114816362788303261", "content": "", "creation_timestamp": "2025-07-08T07:11:01.404926Z"}, {"uuid": "eafef10d-d2c8-43a0-8fed-4966d2c73896", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41665", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114816362788303261", "content": "", "creation_timestamp": "2025-07-08T07:11:01.511197Z"}, {"uuid": "ac559105-4cb1-45d8-97f1-81d64ba7f3a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41666", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgqovnswf72", "content": "", "creation_timestamp": "2025-07-08T07:11:10.668085Z"}, {"uuid": "0acfc2be-da19-439c-873d-72d3ecc32def", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41665", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgqovnswf72", "content": "", "creation_timestamp": "2025-07-08T07:11:10.991546Z"}, {"uuid": "0a8410bd-c8d3-4389-8685-4f5a5fe7fb9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41667", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgqovnswf72", "content": "", "creation_timestamp": "2025-07-08T07:11:10.782223Z"}, {"uuid": "fa2d96b1-6b0a-496a-b31b-9b87adc95f6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41668", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgqovnswf72", "content": "", "creation_timestamp": "2025-07-08T07:11:10.889023Z"}, {"uuid": "ce9c307d-80ea-4d74-937e-773f2c662dd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41661", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114663692500389345", "content": "", "creation_timestamp": "2025-06-11T08:04:57.429306Z"}, {"uuid": "8ec58ff0-1858-4eb1-936e-8b257a062ff8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41662", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114663692500389345", "content": "", "creation_timestamp": "2025-06-11T08:04:57.517568Z"}, {"uuid": "0568c837-e447-48aa-8587-ee74f166f56e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41663", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114663692500389345", "content": "", "creation_timestamp": "2025-06-11T08:04:57.604675Z"}, {"uuid": "4a3d91ee-87e7-4bf9-807d-d69047fd4919", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41661", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lrcx4ijeuks2", "content": "", "creation_timestamp": "2025-06-11T08:05:02.840664Z"}, {"uuid": "7da9d837-c735-4b2b-af7e-260da0862e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41662", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lrcx4ijeuks2", "content": "", "creation_timestamp": "2025-06-11T08:05:02.950976Z"}, {"uuid": "95f824d6-b2a4-4f6f-8ce3-71734ed1c996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41663", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lrcx4ijeuks2", "content": "", "creation_timestamp": "2025-06-11T08:05:03.049637Z"}, {"uuid": "9c668c15-d3fb-432c-b0b8-5d7cf8eb2488", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41662", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrdb3lmcrv2a", "content": "", "creation_timestamp": "2025-06-11T11:03:26.339989Z"}, {"uuid": "92b79217-8917-4442-a35c-1ad49789c4d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41666", "type": "seen", "source": "MISP/853ff921-86fb-463b-bc2a-2860bf336b81", "content": "", "creation_timestamp": "2025-08-06T01:04:20.000000Z"}, {"uuid": "d129a0b3-bc23-44a6-baf6-63a6ad7b2752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41667", "type": "seen", "source": "MISP/853ff921-86fb-463b-bc2a-2860bf336b81", "content": "", "creation_timestamp": "2025-08-06T01:04:20.000000Z"}, {"uuid": "222d2b7c-918e-4809-b419-9899c1c72d42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41664", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lycn6hzh62i2", "content": "", "creation_timestamp": "2025-09-08T07:04:41.007278Z"}, {"uuid": "59fd4df8-02da-4598-b7aa-82372fe99edc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-41664", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3lycoqsvfwc2s", "content": "", "creation_timestamp": "2025-09-08T07:31:40.435483Z"}, {"uuid": "7fda9a26-3495-4027-a610-11b37c63d7e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-41660", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116283045909330832", "content": "", "creation_timestamp": "2026-03-24T07:47:49.608352Z"}, {"uuid": "aff39f4f-62b1-4abd-83ac-79630db29f44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-41660", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhsequbasc25", "content": "", "creation_timestamp": "2026-03-24T10:33:13.239986Z"}, {"uuid": "a757c2e5-39a7-4170-a627-e1bd74bac4b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-41660", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2025-41660", "content": "", "creation_timestamp": "2026-03-24T07:16:00.000000Z"}, {"uuid": "5a8a02b4-4677-4293-aa37-3926f882fd8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4166", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14497", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4166\n\ud83d\udd25 CVSS Score: 4.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Vault Community and Vault Enterprise Key/Value (kv) Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is fixed in Vault Community 1.19.3 and Vault Enterprise 1.19.3, 1.18.9, 1.17.16, 1.16.20.\n\ud83d\udccf Published: 2025-05-02T14:57:58.710Z\n\ud83d\udccf Modified: 2025-05-02T14:57:58.710Z\n\ud83d\udd17 References:\n1. https://discuss.hashicorp.com/t/hcsec-2025-09-vault-may-expose-sensitive-information-in-error-logs-when-processing-malformed-data-with-the-kv-v2-plugin", "creation_timestamp": "2025-05-02T15:17:00.000000Z"}, {"uuid": "fca95235-2ef7-4b12-93e4-b9c555daed5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41668", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ltgylvpc2t2y", "content": "", "creation_timestamp": "2025-07-08T09:32:32.547520Z"}, {"uuid": "b64c8979-d9df-4a1c-a0d2-ca59cb0437e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41666", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ltgyrbrl562b", "content": "", "creation_timestamp": "2025-07-08T09:35:32.932145Z"}, {"uuid": "d412791b-841d-4c4a-b083-4ac8504ac7a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41665", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ltgz5xqebu2b", "content": "", "creation_timestamp": "2025-07-08T09:42:38.706272Z"}, {"uuid": "f3e2f121-feaf-4deb-a28c-76ceb1558a14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41666", "type": "seen", "source": "MISP/853ff921-86fb-463b-bc2a-2860bf336b81", "content": "", "creation_timestamp": "2025-08-21T10:03:55.000000Z"}, {"uuid": "233c6da0-7ce4-40a4-9360-8c5f084ccad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41667", "type": "seen", "source": "MISP/853ff921-86fb-463b-bc2a-2860bf336b81", "content": "", "creation_timestamp": "2025-08-21T10:03:55.000000Z"}, {"uuid": "72c9906c-1af0-4305-8fe8-43565235c2bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41661", "type": "seen", "source": "Telegram/R10UXZSi1fRv32CnNZ1k2M8nZvZVrIYKWQMEFWF4lOTwYjs", "content": "", "creation_timestamp": "2025-06-12T01:18:06.000000Z"}, {"uuid": "a58eaf20-61f6-478e-a29e-6489cfc52961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41660", "type": "seen", "source": "https://t.me/bdufstecru/3039", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 CODESYS \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0435\u043c\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434\n\nBDU:2026-04079\nCVE-2025-41660\n\n\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e;\n- \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0443\u0442\u0435\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u00abYES\u00bb \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 SECURITY.EnforceSignedCode;\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u0445\u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u043e \u00ab\u0431\u0435\u043b\u044b\u043c \u0441\u043f\u0438\u0441\u043a\u0430\u043c\u00bb;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 SIEM-\u0441\u0438\u0441\u0442\u0435\u043c \u0434\u043b\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438;\n- \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435/\u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439;\n- \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439;\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0437 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u0441\u0435\u0442\u0435\u0439 (\u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442).\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://certvde.com/de/advisories/VDE-2026-011", "creation_timestamp": "2026-03-27T13:02:44.000000Z"}, {"uuid": "840ebfe3-34e6-43b1-81f5-d1cbae4c0790", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4166", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19495", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52893\n\ud83d\udd25 CVSS Score: 4.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 may leak sensitive information in logs when processing malformed data. This is separate from the earlier HCSEC-2025-09 / CVE-2025-4166. This issue has been fixed in OpenBao v2.3.0 and later. Like with HCSEC-2025-09, there is no known workaround except to ensure properly formatted requests from all clients.\n\ud83d\udccf Published: 2025-06-25T16:54:50.262Z\n\ud83d\udccf Modified: 2025-06-25T16:54:50.262Z\n\ud83d\udd17 References:\n1. https://github.com/openbao/openbao/security/advisories/GHSA-8f5r-8cmq-7fmq\n2. https://github.com/go-viper/mapstructure/pull/105\n3. https://github.com/go-viper/mapstructure/commit/ed3f92181528ff776a0324107b8b55026e93766a\n4. https://github.com/openbao/openbao/commit/cf5e920badbf96b41253534a3fd5ff5063bf4b30\n5. https://discuss.hashicorp.com/t/hcsec-2025-09-vault-may-expose-sensitive-information-in-error-logs-when-processing-malformed-data-with-the-kv-v2-plugin/74717\n6. https://github.com/go-viper/mapstructure/releases/tag/v2.3.0", "creation_timestamp": "2025-06-25T18:06:26.000000Z"}, {"uuid": "bc704a57-6495-474f-9405-5f908fdbd864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41667", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ltgy2kgrcq2e", "content": "", "creation_timestamp": "2025-07-08T09:22:50.100757Z"}, {"uuid": "6ddab219-d5e5-47af-9b2e-26289e716ec1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4166", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lo77gzrlqga2", "content": "", "creation_timestamp": "2025-05-02T16:15:16.696629Z"}, {"uuid": "cc73069a-df52-4d5a-a9b9-958bde87a1d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4166", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo7frger7n2n", "content": "", "creation_timestamp": "2025-05-02T18:01:03.862538Z"}, {"uuid": "b58bb47c-2d1d-4e7f-a5ca-2d1c679b5bf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41663", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrdbm7pmf62k", "content": "", "creation_timestamp": "2025-06-11T11:12:44.189231Z"}, {"uuid": "1029f707-4824-4ca6-b993-f01ad31acfc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41661", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrdcq222ww2s", "content": "", "creation_timestamp": "2025-06-11T11:32:46.338390Z"}, {"uuid": "6357fc0e-1d5a-4af0-9796-2c2e85ff5cd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41663", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18058", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-41663\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: An unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands in responses returned by WWH servers and gain arbitrary command execution with elevated privileges.\n\ud83d\udccf Published: 2025-06-11T08:15:55.357Z\n\ud83d\udccf Modified: 2025-06-11T08:15:55.357Z\n\ud83d\udd17 References:\n1. https://certvde.com/en/advisories/VDE-2025-052", "creation_timestamp": "2025-06-11T08:32:29.000000Z"}, {"uuid": "812024f2-02d3-4cf0-8efc-ccb7d624e8b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41662", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18060", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-41662\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of Cross-Site Request Forgery (CSRF) protection in the Main Web Interface (endpoint tls_iotgen_setting).\n\ud83d\udccf Published: 2025-06-11T08:08:17.544Z\n\ud83d\udccf Modified: 2025-06-11T08:11:30.422Z\n\ud83d\udd17 References:\n1. https://certvde.com/en/advisories/VDE-2025-052", "creation_timestamp": "2025-06-11T08:32:31.000000Z"}, {"uuid": "b03cf8b4-f8f8-4f59-bcc7-aa107e8fd3b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-41661", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18059", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-41661\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of Cross-Site Request Forgery (CSRF) protection in the Main Web Interface (endpoint event_mail_test).\n\ud83d\udccf Published: 2025-06-11T08:13:27.237Z\n\ud83d\udccf Modified: 2025-06-11T08:13:27.237Z\n\ud83d\udd17 References:\n1. https://certvde.com/en/advisories/VDE-2025-052", "creation_timestamp": "2025-06-11T08:32:30.000000Z"}]}