{"vulnerability": "CVE-2025-4391", "sightings": [{"uuid": "3cb07823-3c58-4948-b85a-a62ccb2e9e7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43915", "type": "seen", "source": "https://t.me/cvedetector/24458", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43915 - Linkerd Proxy Resource Exhaustion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43915 \nPublished : May 5, 2025, 5:18 p.m. | 16\u00a0minutes ago \nDescription : In Buoyant Edge releases before edge-25.2.1 and Enterprise for Linkerd releases 2.16.* before 2.16.5, 2.17.* before 2.17.2, and 2.18.* before 2.18.0, resource exhaustion can occur for Linkerd proxy metrics. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-05T20:03:32.000000Z"}, {"uuid": "bc91da48-3f5d-4af3-bc0f-43f6b62296a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43918", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ln7gixszlg2r", "content": "", "creation_timestamp": "2025-04-20T00:48:59.440391Z"}, {"uuid": "c731e65e-8d44-4a93-b782-db13f657ea48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43919", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln7iajoopfr2", "content": "", "creation_timestamp": "2025-04-20T01:20:11.040991Z"}, {"uuid": "17c5729e-e146-4b70-8974-7a4a03d808d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43919", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114367727235548302", "content": "", "creation_timestamp": "2025-04-20T01:37:06.305213Z"}, {"uuid": "d8161f96-4568-4ca0-9185-8d3a9d71fce3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43919", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ln7tnjnivz2b", "content": "", "creation_timestamp": "2025-04-20T04:44:10.081812Z"}, {"uuid": "6ee65d06-b6af-4a5d-b9eb-b94b3448c33b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4391", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpezaisxuej2", "content": "", "creation_timestamp": "2025-05-17T17:01:23.361479Z"}, {"uuid": "55f2e735-44d0-491f-be3c-7bd6f9f2778d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43917", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12591", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43917\n\ud83d\udd25 CVSS Score: 8.2 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate privileges after uninstalling the product. Specifically, an administrator can insert a new file at the pathname of the removed pritunl-service file. This file then is executed by a LaunchDaemon as root.\n\ud83d\udccf Published: 2025-04-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-19T18:53:53.085Z\n\ud83d\udd17 References:\n1. https://forum.pritunl.com/t/pritunl-client-v1-3-4220-57/3183", "creation_timestamp": "2025-04-19T19:00:01.000000Z"}, {"uuid": "24f8a2b6-2d67-42f1-aaaa-e34d9d76b213", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43919", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12603", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43919\n\ud83d\udd25 CVSS Score: 5.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\ud83d\udd39 Description: GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the username parameter.\n\ud83d\udccf Published: 2025-04-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-20T00:25:05.231Z\n\ud83d\udd17 References:\n1. https://code.launchpad.net/~mailman-coders/mailman/2.1\n2. https://github.com/0NYX-MY7H/CVE-2025-43919", "creation_timestamp": "2025-04-20T01:00:33.000000Z"}, {"uuid": "cba44a5a-993a-49e5-a899-5f077346d9b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43918", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12601", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43918\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: SSL.com before 2025-04-19, when domain validation method 3.2.2.4.14 is used, processes certificate requests such that a trusted TLS certificate may be issued for the domain name of a requester's email address, even when the requester does not otherwise establish administrative control of that domain.\n\ud83d\udccf Published: 2025-04-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-19T22:07:09.222Z\n\ud83d\udd17 References:\n1. https://news.ycombinator.com/item?id=43738485\n2. https://bugzilla.mozilla.org/show_bug.cgi?id=1961406", "creation_timestamp": "2025-04-19T23:01:11.000000Z"}, {"uuid": "70d42514-997d-4e09-90c7-3f4cf3a78e1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43919", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/33029", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-43919: Directory Traversal Vulnerability in GNU Mailman 2.1.39\nURL\uff1ahttps://github.com/0NYX-MY7H/CVE-2025-43919\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-19T23:20:21.000000Z"}, {"uuid": "07dc4ac0-abb5-4637-ac19-c83fb9968b7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43919", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/33530", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-30567 - WordPress WP01 < Path traversal\nURL\uff1ahttps://github.com/cybersecplayground/CVE-2025-43919-POC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-22T04:58:16.000000Z"}, {"uuid": "3b3d8763-49d6-450b-bacc-fb9fdfb11e40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43919", "type": "published-proof-of-concept", "source": "Telegram/1iHPjnBu0KpZJ3A4v2xWlp2khgDafPYvv6zL7ucTdkQjQyg", "content": "", "creation_timestamp": "2025-04-22T17:00:14.000000Z"}, {"uuid": "8babec09-ec7e-4110-8457-e01b774f2a60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43919", "type": "published-proof-of-concept", "source": "Telegram/L3w2C3-Sm7s2O3q1HAlD3oBhbAqYNCQjyvXrjx9dkERVqc4", "content": "", "creation_timestamp": "2025-04-20T05:00:06.000000Z"}, {"uuid": "3fd7b812-77d6-416a-af10-8e5d730eabc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43917", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ln6x4tw63p2t", "content": "", "creation_timestamp": "2025-04-19T20:13:45.689306Z"}, {"uuid": "f6988bc0-05ea-466f-a5d5-a2e7bf66ce45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43917", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114366828049255645", "content": "", "creation_timestamp": "2025-04-19T21:48:28.235653Z"}, {"uuid": "eae5cb85-0f10-4aec-b30e-af76b18f548d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43918", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114367046283975614", "content": "", "creation_timestamp": "2025-04-19T22:43:55.596768Z"}, {"uuid": "80bd7217-1837-4686-b4cb-219afeea5efc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4391", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpdwv3cpri2p", "content": "", "creation_timestamp": "2025-05-17T06:43:08.300077Z"}, {"uuid": "38d695e5-fbd2-4d18-9b00-534aeb863f78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43914", "type": "seen", "source": "https://gist.github.com/Darkcrai86/4d0199e57b2fcfd84c152df451771c9a", "content": "", "creation_timestamp": "2025-10-07T18:43:10.000000Z"}, {"uuid": "484872df-d95c-48a7-9dd5-000431874e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43919", "type": "published-proof-of-concept", "source": "Telegram/1G4tzEDQHP67ebSuni6CL5MWLPuwHUNWA5wQqAHfQRk8HnA", "content": "", "creation_timestamp": "2025-04-22T11:00:05.000000Z"}, {"uuid": "06c1554a-a885-4ad0-b5e4-e5addef1fef8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43917", "type": "published-proof-of-concept", "source": "Telegram/dFOlyA8iEvRcie2Lk4wNTaWgYG567DKI_FFbCaOPln-VAS8", "content": "", "creation_timestamp": "2025-04-19T22:00:31.000000Z"}, {"uuid": "7214a80a-f503-4b0a-8d03-fe73b1ce7056", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43919", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114370505926628196", "content": "", "creation_timestamp": "2025-04-20T13:23:46.458154Z"}, {"uuid": "824b5ed2-8b94-48a9-b527-d90ca9c73d6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43919", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114376187592491720", "content": "", "creation_timestamp": "2025-04-21T13:28:41.533614Z"}, {"uuid": "127fdbd9-5144-4fe7-b1de-ba8869a182fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43916", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lndgahq4td2y", "content": "", "creation_timestamp": "2025-04-21T14:54:52.360896Z"}, {"uuid": "abfc1e62-ddcc-4816-a282-f95ce73cebbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43916", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114376738396487768", "content": "", "creation_timestamp": "2025-04-21T15:48:45.467129Z"}, {"uuid": "858ca7bc-1c68-41fb-9f60-d92702e1323c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43916", "type": "seen", "source": "https://t.me/cvedetector/23446", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43916 - Sonos API Open Redirection and Hardcoded Secret Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43916 \nPublished : April 21, 2025, 2:15 p.m. | 1\u00a0hour, 26\u00a0minutes ago \nDescription : Sonos api.sonos.com through 2025-04-21, when the /login/v3/oauth endpoint is used, accepts a redirect_uri containing userinfo in the authority component, which is not consistent with RFC 6819 section 5.2.3.5. An authorization code may be sent to an attacker-controlled destination. This might have further implications in conjunction with \"Decompiling the app revealed a hardcoded secret.\" \nSeverity: 3.4 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-21T18:09:21.000000Z"}, {"uuid": "0e6d111d-b2b9-4c45-9092-1c7194a3a751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43919", "type": "seen", "source": "https://t.me/cvedetector/23403", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43919 - cPanel WHM GNU Mailman File Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43919 \nPublished : April 20, 2025, 1:15 a.m. | 1\u00a0hour, 52\u00a0minutes ago \nDescription : GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the username parameter. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-20T05:21:27.000000Z"}, {"uuid": "2f184818-8173-4e40-b51e-443327fa3345", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43918", "type": "seen", "source": "https://t.me/cvedetector/23398", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43918 - SSL.com Domain Validation Email Spoofing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43918 \nPublished : April 19, 2025, 10:15 p.m. | 48\u00a0minutes ago \nDescription : SSL.com before 2025-04-19, when domain validation method 3.2.2.4.14 is used, processes certificate requests such that a trusted TLS certificate may be issued for the domain name of a requester's email address, even when the requester does not otherwise establish administrative control of that domain. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-20T01:10:36.000000Z"}, {"uuid": "ddc391f4-d99c-45dc-b46b-8ca2b9777bda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43917", "type": "seen", "source": "https://t.me/cvedetector/23394", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43917 - Pritunl Client Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43917 \nPublished : April 19, 2025, 7:15 p.m. | 1\u00a0hour, 45\u00a0minutes ago \nDescription : In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate privileges after uninstalling the product. Specifically, an administrator can insert a new file at the pathname of the removed pritunl-service file. This file then is executed by a LaunchDaemon as root. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-19T23:30:16.000000Z"}]}