{"vulnerability": "CVE-2025-4533", "sightings": [{"uuid": "911cb9fa-ecd6-4721-a450-dc191371d873", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4533", "type": "seen", "source": "https://t.me/cvedetector/25042", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-4533 - JeecgBoot Document Library Upload Remote Resource Consumption Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-4533 \nPublished : May 11, 2025, 7:15 a.m. | 2\u00a0hours, 6\u00a0minutes ago \nDescription : A vulnerability classified as problematic was found in JeecgBoot up to 3.8.0. This vulnerability affects the function unzipFile of the file /jeecg-boot/airag/knowledge/doc/import/zip of the component Document Library Upload. The manipulation of the argument File leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 2.7 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-11T11:40:55.000000Z"}, {"uuid": "184da229-5bde-4e6c-9b69-a187af3b2008", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4533", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3louydjtwmkg2", "content": "", "creation_timestamp": "2025-05-11T10:09:58.560241Z"}, {"uuid": "1588a901-f90d-4831-9281-ba74298b51cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-45332", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19502", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-45332\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: vkoskiv c-ray 1.1 contains a Null Pointer Dereference (NPD) vulnerability in the parse_mtllib function of its data processing module, leading to unpredictable program behavior, causing segmentation faults, and program crashes.\n\ud83d\udccf Published: 2025-06-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-25T18:31:12.476Z\n\ud83d\udd17 References:\n1. https://github.com/vkoskiv/c-ray/issues/119\n2. https://gist.github.com/QiuYitai/6ebfa07510828a9464ba7fb948255ed5", "creation_timestamp": "2025-06-25T18:51:42.000000Z"}, {"uuid": "c3e592ee-cb71-4c17-8fb2-3cc555ac9ace", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-45333", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19522", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-45333\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: berkeley-abc abc 1.1 contains a Null Pointer Dereference (NPD) vulnerability in the Abc_NtkCecFraigPart function of its data processing module, leading to unpredictable program behavior, causing segmentation faults, and program crashes.\n\ud83d\udccf Published: 2025-06-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-25T19:36:10.772Z\n\ud83d\udd17 References:\n1. https://github.com/berkeley-abc/abc/pull/383\n2. https://gist.github.com/QiuYitai/eb49750fe58e39ce685cfd87a41eacb9", "creation_timestamp": "2025-06-25T19:48:01.000000Z"}, {"uuid": "eb6516c7-d3fe-4098-8b49-511627b36d22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-45331", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ls2tnuzqtx2q", "content": "", "creation_timestamp": "2025-06-20T20:07:02.129534Z"}, {"uuid": "80c71caa-0159-4a92-875a-54d25efada43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4533", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15923", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4533\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as problematic was found in JeecgBoot up to 3.8.0. This vulnerability affects the function unzipFile of the file /jeecg-boot/airag/knowledge/doc/import/zip of the component Document Library Upload. The manipulation of the argument File leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-11T06:31:04.456Z\n\ud83d\udccf Modified: 2025-05-11T06:31:04.456Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.308278\n2. https://vuldb.com/?ctiid.308278\n3. https://vuldb.com/?submit.566192\n4. https://github.com/jeecgboot/JeecgBoot/issues/8199\n5. https://github.com/jeecgboot/JeecgBoot/issues/8199#issuecomment-2834691016\n6. https://github.com/jeecgboot/JeecgBoot/issues/8199#issue-3022937633", "creation_timestamp": "2025-05-11T07:27:33.000000Z"}, {"uuid": "396195e1-c8b6-461a-a898-aaa793a7f90b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4533", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lov2hgfwiu2w", "content": "", "creation_timestamp": "2025-05-11T08:37:08.854112Z"}, {"uuid": "44681275-e8e5-4600-b7ca-c723ace0c9d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-45331", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19365", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-45331\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: brplot v420.69.1 contains a Null Pointer Dereference (NPD) vulnerability in the br_dagens_handle_once function of its data processing module, leading to unpredictable program behavior, causing segmentation faults, and program crashes.\n\ud83d\udccf Published: 2025-06-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-24T15:29:25.265Z\n\ud83d\udd17 References:\n1. https://github.com/branc116/brplot/commit/b90e93a0e0d514d48f38d1584496130fa5fe4fe4\n2. https://gist.github.com/QiuYitai/9dd6db6e9dfc03868b9c886b801502ac", "creation_timestamp": "2025-06-24T15:47:08.000000Z"}]}