{"vulnerability": "CVE-2025-4673", "sightings": [{"uuid": "38ef54ca-b6cb-4482-ac03-34564159c00c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46730", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14981", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46730\n\ud83d\udd25 CVSS Score: 6.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H)\n\ud83d\udd39 Description: MobSF is a mobile application security testing tool used. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web applications. Access to the MobSF web interface is often granted to internal security teams, audit teams, and external vendors.  MobSF provides a feature that allows users to upload ZIP files for static analysis. Upon upload, these ZIP files are automatically extracted and stored within the MobSF directory. However, in versions up to and including 4.3.2, this functionality lacks a check on the total uncompressed size of the ZIP file, making it vulnerable to a ZIP of Death (zip bomb) attack. Due to the absence of safeguards against oversized extractions, an attacker can craft a specially prepared ZIP file that is small in compressed form but expands to a massive size upon extraction. Exploiting this, an attacker can exhaust the server's disk space, leading to a complete denial of service (DoS) not just for MobSF, but also for any other applications or websites hosted on the same server. This vulnerability can lead to complete server disruption in an organization which can affect other internal portals and tools too (which are hosted on the same server). 
If some organization has created their customized cloud based mobile security tool using MobSF core then an attacker can exploit this vulnerability to crash their servers. Commit 6987a946485a795f4fd38cebdb4860b368a1995d fixes this issue. As an additional mitigation, it is recommended to implement a safeguard that checks the total uncompressed size of any uploaded ZIP file before extraction. If the estimated uncompressed size exceeds a safe threshold (e.g., 100 MB), MobSF should reject the file and notify the user.\n\ud83d\udccf Published: 2025-05-05T19:32:24.170Z\n\ud83d\udccf Modified: 2025-05-05T20:04:30.184Z\n\ud83d\udd17 References:\n1. https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-c5vg-26p8-q8cr\n2. https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/6987a946485a795f4fd38cebdb4860b368a1995d", "creation_timestamp": "2025-05-05T20:20:06.000000Z"}, {"uuid": "d6f963f2-75f1-4fa2-a6c0-e106622d8e48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46736", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15163", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46736\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Umbraco is a free and open source .NET content management system. Prior to versions 10.8.10 and 13.8.1, based on an analysis of the timing of post login API responses, it's possible to determine whether an account exists. The issue is patched in versions 10.8.10 and 13.8.1. No known workarounds are available.\n\ud83d\udccf Published: 2025-05-06T17:08:23.503Z\n\ud83d\udccf Modified: 2025-05-06T17:08:23.503Z\n\ud83d\udd17 References:\n1. https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-4g8m-5mj5-c8xg\n2. 
https://github.com/umbraco/Umbraco-CMS/commit/14fbd20665b453cbf094ccf4575b79a9fba07e03\n3. https://github.com/umbraco/Umbraco-CMS/commit/34709be6cce9752dfa767dffbf551305f48839bc", "creation_timestamp": "2025-05-06T17:21:41.000000Z"}, {"uuid": "f054282b-5f01-41e8-b388-c6064159ae8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46734", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14988", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46734\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: league/commonmark is a PHP Markdown parser. A cross-site scripting (XSS) vulnerability in the Attributes extension of the league/commonmark library (versions 1.5.0 through 2.6.x) allows remote attackers to insert malicious JavaScript calls into HTML. The league/commonmark library provides configuration options such as `html_input: 'strip'` and `allow_unsafe_links: false` to mitigate cross-site scripting (XSS) attacks by stripping raw HTML and disallowing unsafe links. However, when the Attributes Extension is enabled, it introduces a way for users to inject arbitrary HTML attributes into elements via Markdown syntax using curly braces. Version 2.7.0 contains three changes to prevent this XSS attack vector: All attributes starting with `on` are considered unsafe and blocked by default; support for an explicit allowlist of allowed HTML attributes; and manually-added `href` and `src` attributes now respect the existing `allow_unsafe_links` configuration option. 
If upgrading is not feasible, please consider disabling the `AttributesExtension` for untrusted users and/or filtering the rendered HTML through a library like HTMLPurifier.\n\ud83d\udccf Published: 2025-05-05T19:52:59.521Z\n\ud83d\udccf Modified: 2025-05-05T19:52:59.521Z\n\ud83d\udd17 References:\n1. https://github.com/thephpleague/commonmark/security/advisories/GHSA-3527-qv2q-pfvx\n2. https://github.com/thephpleague/commonmark/commit/f0d626cf05ad3e99e6db26ebcb9091b6cd1cd89b", "creation_timestamp": "2025-05-05T20:20:16.000000Z"}, {"uuid": "10493bc4-0d76-4804-b963-870df62c9c2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46735", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15218", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46735\n\ud83d\udd25 CVSS Score: 1.1 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U)\n\ud83d\udd39 Description: Terraform WinDNS Provider allows users to manage their Windows DNS server resources through Terraform. A security issue has been found in Terraform WinDNS Provider before version `1.0.5`. The `windns_record` resource did not sanitize the input variables. This could lead to authenticated command injection in the underlying powershell command prompt. Version 1.0.5 contains a fix for the issue.\n\ud83d\udccf Published: 2025-05-06T17:00:33.902Z\n\ud83d\udccf Modified: 2025-05-06T19:48:41.206Z\n\ud83d\udd17 References:\n1. https://github.com/nrkno/terraform-provider-windns/security/advisories/GHSA-4vgf-2cm4-mp7c\n2. 
https://github.com/nrkno/terraform-provider-windns/commit/c76f69610c1b502f90aaed8c4f102194530b5bce", "creation_timestamp": "2025-05-06T20:21:22.000000Z"}, {"uuid": "7fe52643-bbf5-47e6-9371-dc43e24b9742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46737", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15975", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46737\n\ud83d\udd25 CVSS Score: 7.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)\n\ud83d\udd39 Description: SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. This gateway service includes an API which is not properly configured to reject requests from unexpected sources.\n\ud83d\udccf Published: 2025-05-12T16:06:23.559Z\n\ud83d\udccf Modified: 2025-05-12T17:58:52.199Z\n\ud83d\udd17 References:\n1. https://selinc.com/products/software/latest-software-versions/", "creation_timestamp": "2025-05-12T18:29:17.000000Z"}, {"uuid": "044c637f-bf87-48e7-91db-d9f865327e72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46738", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16007", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46738\n\ud83d\udd25 CVSS Score: 6.6 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L)\n\ud83d\udd39 Description: An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code.\n\ud83d\udccf Published: 2025-05-12T16:07:02.820Z\n\ud83d\udccf Modified: 2025-05-12T17:57:51.802Z\n\ud83d\udd17 References:\n1. 
https://selinc.com/products/software/latest-software-versions/", "creation_timestamp": "2025-05-12T18:37:58.000000Z"}, {"uuid": "8eff9960-3ae3-4c49-9699-a04c18f5e5f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46739", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15978", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46739\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: An unauthenticated user could discover account credentials via a brute-force attack without rate limiting\n\ud83d\udccf Published: 2025-05-12T16:08:38.763Z\n\ud83d\udccf Modified: 2025-05-12T17:57:08.901Z\n\ud83d\udd17 References:\n1. https://selinc.com/products/software/latest-software-versions/", "creation_timestamp": "2025-05-12T18:29:20.000000Z"}, {"uuid": "fd7dce7c-068e-4e17-91fe-98827bbff571", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46739", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15992", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46739\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: An unauthenticated user could discover account credentials via a brute-force attack without rate limiting\n\ud83d\udccf Published: 2025-05-12T16:08:38.763Z\n\ud83d\udccf Modified: 2025-05-12T17:57:08.901Z\n\ud83d\udd17 References:\n1. 
https://selinc.com/products/software/latest-software-versions/", "creation_timestamp": "2025-05-12T18:31:39.000000Z"}, {"uuid": "9654208b-c5b2-4362-b34d-8ecfe4e39584", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46737", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15952", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46737\n\ud83d\udd25 CVSS Score: 7.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)\n\ud83d\udd39 Description: SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. This gateway service includes an API which is not properly configured to reject requests from unexpected sources.\n\ud83d\udccf Published: 2025-05-12T16:06:23.559Z\n\ud83d\udccf Modified: 2025-05-12T16:06:23.559Z\n\ud83d\udd17 References:\n1. https://selinc.com/products/software/latest-software-versions/", "creation_timestamp": "2025-05-12T18:24:19.000000Z"}, {"uuid": "8f996825-ec9b-43f0-9701-dec08f78f2a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46738", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15951", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46738\n\ud83d\udd25 CVSS Score: 6.6 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L)\n\ud83d\udd39 Description: An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code.\n\ud83d\udccf Published: 2025-05-12T16:07:02.820Z\n\ud83d\udccf Modified: 2025-05-12T16:07:02.820Z\n\ud83d\udd17 References:\n1. 
https://selinc.com/products/software/latest-software-versions/", "creation_timestamp": "2025-05-12T18:24:18.000000Z"}, {"uuid": "e96dcf38-4a5f-4195-bd10-3d50574997f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46739", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15950", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46739\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: An unauthenticated user could discover account credentials via a brute-force attack without rate limiting\n\ud83d\udccf Published: 2025-05-12T16:08:38.763Z\n\ud83d\udccf Modified: 2025-05-12T16:08:38.763Z\n\ud83d\udd17 References:\n1. https://selinc.com/products/software/latest-software-versions/", "creation_timestamp": "2025-05-12T18:24:17.000000Z"}, {"uuid": "b281f5c5-49c6-4096-90dc-ff295ba23b67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46738", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15991", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46738\n\ud83d\udd25 CVSS Score: 6.6 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L)\n\ud83d\udd39 Description: An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code.\n\ud83d\udccf Published: 2025-05-12T16:07:02.820Z\n\ud83d\udccf Modified: 2025-05-12T17:57:51.802Z\n\ud83d\udd17 References:\n1. 
https://selinc.com/products/software/latest-software-versions/", "creation_timestamp": "2025-05-12T18:31:38.000000Z"}, {"uuid": "8c877034-9349-45a7-aea7-97668ae5a58e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46737", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15989", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46737\n\ud83d\udd25 CVSS Score: 7.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)\n\ud83d\udd39 Description: SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. This gateway service includes an API which is not properly configured to reject requests from unexpected sources.\n\ud83d\udccf Published: 2025-05-12T16:06:23.559Z\n\ud83d\udccf Modified: 2025-05-12T17:58:52.199Z\n\ud83d\udd17 References:\n1. https://selinc.com/products/software/latest-software-versions/", "creation_timestamp": "2025-05-12T18:31:36.000000Z"}, {"uuid": "7ae51f63-a36f-4fbc-bce6-65c05b83b0c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46739", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16008", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46739\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: An unauthenticated user could discover account credentials via a brute-force attack without rate limiting\n\ud83d\udccf Published: 2025-05-12T16:08:38.763Z\n\ud83d\udccf Modified: 2025-05-12T17:57:08.901Z\n\ud83d\udd17 References:\n1. 
https://selinc.com/products/software/latest-software-versions/", "creation_timestamp": "2025-05-12T18:37:59.000000Z"}, {"uuid": "a1bafbee-264d-41e8-aa9b-44251cb9b8a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18119", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4673\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information.\n\ud83d\udccf Published: 2025-06-11T16:42:53.054Z\n\ud83d\udccf Modified: 2025-06-11T17:59:48.033Z\n\ud83d\udd17 References:\n1. https://go.dev/cl/679257\n2. https://go.dev/issue/73816\n3. https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A\n4. https://pkg.go.dev/vuln/GO-2025-3751", "creation_timestamp": "2025-06-11T18:35:10.000000Z"}, {"uuid": "cd66ed41-9374-4506-ac0a-fda177fe1622", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46738", "type": "seen", "source": "https://t.me/cvedetector/25108", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46738 - Apache SEL arbitrary code execution vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46738 \nPublished : May 12, 2025, 4:15 p.m. | 2\u00a0hours, 13\u00a0minutes ago \nDescription : An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code. 
\nSeverity: 6.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-12T21:08:16.000000Z"}, {"uuid": "cc76d618-4a51-40c2-b729-28397849c429", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46737", "type": "seen", "source": "https://t.me/cvedetector/25107", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46737 - Cisco SEL Cross-Origin Resource Sharing (CORS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46737 \nPublished : May 12, 2025, 4:15 p.m. | 2\u00a0hours, 13\u00a0minutes ago \nDescription : SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. This gateway service includes an API which is not properly configured to reject requests from unexpected sources. \nSeverity: 7.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-12T21:08:16.000000Z"}, {"uuid": "0e3984b0-be39-4d97-acec-a78ae40d23ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46739", "type": "seen", "source": "https://t.me/cvedetector/25098", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46739 - Adobe Acrobat Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-46739 \nPublished : May 12, 2025, 5:15 p.m. 
| 1\u00a0hour, 13\u00a0minutes ago \nDescription : An unauthenticated user could discover account credentials via a brute-force attack without rate limiting \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-12T21:08:03.000000Z"}, {"uuid": "10f7d5e9-94c0-4000-8aaf-0408c0b025a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46730", "type": "seen", "source": "https://t.me/cvedetector/24503", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46730 - \"MobSF ZIP Bomb Denial of Service Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-46730 \nPublished : May 5, 2025, 8:15 p.m. | 1\u00a0hour, 25\u00a0minutes ago \nDescription : MobSF is a mobile application security testing tool used. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web applications. Access to the MobSF web interface is often granted to internal security teams, audit teams, and external vendors.  MobSF provides a feature that allows users to upload ZIP files for static analysis. Upon upload, these ZIP files are automatically extracted and stored within the MobSF directory. However, in versions up to and including 4.3.2, this functionality lacks a check on the total uncompressed size of the ZIP file, making it vulnerable to a ZIP of Death (zip bomb) attack. Due to the absence of safeguards against oversized extractions, an attacker can craft a specially prepared ZIP file that is small in compressed form but expands to a massive size upon extraction. 
Exploiting this, an attacker can exhaust the server's disk space, leading to a complete denial of service (DoS) not just for MobSF, but also for any other applications or websites hosted on the same server. This vulnerability can lead to complete server disruption in an organization which can affect other internal portals and tools too (which are hosted on the same server). If some organization has created their customized cloud based mobile security tool using MobSF core then an attacker can exploit this vulnerability to crash their servers. Commit 6987a946485a795f4fd38cebdb4860b368a1995d fixes this issue. As an additional mitigation, it is recommended to implement a safeguard that checks the total uncompressed size of any uploaded ZIP file before extraction. If the estimated uncompressed size exceeds a safe threshold (e.g., 100 MB), MobSF should reject the file and notify the user. \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-06T00:15:13.000000Z"}, {"uuid": "4cbae161-9ac0-42e9-9fee-021e5a2af9d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46731", "type": "seen", "source": "https://t.me/cvedetector/24504", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46731 - Craft CMS SSTI Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46731 \nPublished : May 5, 2025, 8:15 p.m. | 1\u00a0hour, 25\u00a0minutes ago \nDescription : Craft is a content management system. Versions of Craft CMS on the 4.x branch prior to 4.14.13 and on the 5.x branch prior to 5.6.16 contains a potential remote code execution vulnerability via Twig SSTI. 
One must have administrator access and `ALLOW_ADMIN_CHANGES` must be enabled for this to work. Users should update to the patched versions 4.14.13 or 5.6.15 to mitigate the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-06T00:15:14.000000Z"}, {"uuid": "f74d1c16-87c4-4cdc-82e7-3c0b2f936ea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46734", "type": "seen", "source": "https://t.me/cvedetector/24505", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46734 - League Commonmark Attributes Extension Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46734 \nPublished : May 5, 2025, 8:15 p.m. | 1\u00a0hour, 25\u00a0minutes ago \nDescription : league/commonmark is a PHP Markdown parser. A cross-site scripting (XSS) vulnerability in the Attributes extension of the league/commonmark library (versions 1.5.0 through 2.6.x) allows remote attackers to insert malicious JavaScript calls into HTML. The league/commonmark library provides configuration options such as `html_input: 'strip'` and `allow_unsafe_links: false` to mitigate cross-site scripting (XSS) attacks by stripping raw HTML and disallowing unsafe links. However, when the Attributes Extension is enabled, it introduces a way for users to inject arbitrary HTML attributes into elements via Markdown syntax using curly braces. Version 2.7.0 contains three changes to prevent this XSS attack vector: All attributes starting with `on` are considered unsafe and blocked by default; support for an explicit allowlist of allowed HTML attributes; and manually-added `href` and `src` attributes now respect the existing `allow_unsafe_links` configuration option. 
If upgrading is not feasible, please consider disabling the `AttributesExtension` for untrusted users and/or filtering the rendered HTML through a library like HTMLPurifier. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-06T00:15:15.000000Z"}, {"uuid": "56aaa003-a93d-43fe-8318-28751bff1298", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46736", "type": "seen", "source": "https://t.me/cvedetector/24621", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46736 - Umbraco Account Existence Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-46736 \nPublished : May 6, 2025, 5:16 p.m. | 50\u00a0minutes ago \nDescription : Umbraco is a free and open source .NET content management system. Prior to versions 10.8.10 and 13.8.1, based on an analysis of the timing of post login API responses, it's possible to determine whether an account exists. The issue is patched in versions 10.8.10 and 13.8.1. No known workarounds are available. 
\nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-06T20:20:11.000000Z"}, {"uuid": "81b8406a-e60d-4368-b651-5602444e5312", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46735", "type": "seen", "source": "https://t.me/cvedetector/24623", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46735 - Terraform WinDNS Provider Authenticated Command Injection\", \n  \"Content\": \"CVE ID : CVE-2025-46735 \nPublished : May 6, 2025, 5:16 p.m. | 50\u00a0minutes ago \nDescription : Terraform WinDNS Provider allows users to manage their Windows DNS server resources through Terraform. A security issue has been found in Terraform WinDNS Provider before version `1.0.5`. The `windns_record` resource did not sanitize the input variables. This could lead to authenticated command injection in the underlying powershell command prompt. Version 1.0.5 contains a fix for the issue. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-06T20:20:12.000000Z"}, {"uuid": "77b19928-d0b9-4a01-bdd7-fc60ac00ba07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lrcduz5r6a2r", "content": "", "creation_timestamp": "2025-06-11T02:20:47.395992Z"}, {"uuid": "1b6d2b93-605d-42fe-8a83-1070ba1aa3c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3lupif2fj7m22", "content": "", "creation_timestamp": "2025-07-24T12:01:35.802105Z"}, {"uuid": "4306a700-0540-48d3-9892-5a9ac045eaf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3lwquhu6dis2c", "content": "", "creation_timestamp": "2025-08-19T12:00:53.769804Z"}, {"uuid": "c491a765-9e8e-45c9-bb7e-6922ca9b4da4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3lyn7o5to5m2q", "content": "", "creation_timestamp": "2025-09-12T12:01:01.643779Z"}, {"uuid": "375cba1b-42c1-43a4-b370-1d92dfcc6484", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46731", "type": 
"published-proof-of-concept", "source": "Telegram/FuukJpUcWm8W7_orzQKqRLhyowzFyoFldGzWwBVSPpd5oCA", "content": "", "creation_timestamp": "2025-05-05T22:30:27.000000Z"}, {"uuid": "2e5631b2-a0b6-4b84-b458-891cf41d3d54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lr2sr7li6p2f", "content": "", "creation_timestamp": "2025-06-08T02:25:48.207564Z"}, {"uuid": "4b49a2ca-d144-468f-9500-ada4db2a0d0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrellrrifh2s", "content": "", "creation_timestamp": "2025-06-11T23:44:06.937141Z"}, {"uuid": "761e64f0-c4ec-4835-a99e-5769d14b8b6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://bsky.app/profile/golang.org/post/3lquykqnbkk2d", "content": "", "creation_timestamp": "2025-06-05T18:53:38.008600Z"}, {"uuid": "14dcc0a2-b43a-4a25-b31c-c2659293deb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q2/217", "content": "", "creation_timestamp": "2025-06-05T17:14:55.000000Z"}, {"uuid": "3e02028c-b15f-4034-b1b8-a9dbfe52e0e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lqvrhuwwpr2p", "content": "", "creation_timestamp": "2025-06-06T02:19:22.463956Z"}, {"uuid": 
"7931aeb4-3b58-42ea-b85a-ef876a5af99b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lr5d4wwubw2a", "content": "", "creation_timestamp": "2025-06-09T02:24:01.315720Z"}, {"uuid": "c18a3e8b-9c36-4478-a1f6-85abc00850e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46734", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lohmh7r5qv2t", "content": "", "creation_timestamp": "2025-05-06T00:21:52.235390Z"}, {"uuid": "abd753a9-3664-43c3-be71-a0f8dcfa077e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46730", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lohmha3iue2j", "content": "", "creation_timestamp": "2025-05-06T00:21:53.989790Z"}, {"uuid": "87ec97cd-6a56-43c3-b04a-485b4a1cfbb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46731", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lohmhaiv4z2o", "content": "", "creation_timestamp": "2025-05-06T00:21:56.427666Z"}, {"uuid": "fb4bafda-2026-4922-b276-2691c952c8f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lqybvlqprw23", "content": "", "creation_timestamp": "2025-06-07T02:18:42.432004Z"}, {"uuid": "29e177d5-d4fb-4e95-9b3b-774504095760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", 
"vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lr7thm2jbg2b", "content": "", "creation_timestamp": "2025-06-10T02:21:38.129449Z"}, {"uuid": "e9b6cc95-9229-4191-a826-1bc7470b1216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46738", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114495799464811096", "content": "", "creation_timestamp": "2025-05-12T16:27:33.111343Z"}, {"uuid": "e83241f7-05ae-4157-b14b-2a1dca31f0f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46737", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114495799464811096", "content": "", "creation_timestamp": "2025-05-12T16:27:33.221364Z"}, {"uuid": "d901e885-e6df-4f92-bf5a-daf70e6ef4c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46739", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114496055573801981", "content": "", "creation_timestamp": "2025-05-12T17:32:41.161084Z"}, {"uuid": "92a2203a-6e03-4720-8c65-a11cf7c361f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46738", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3loyn2fbniu22", "content": "", "creation_timestamp": "2025-05-12T18:47:57.918050Z"}, {"uuid": "3bf4019d-52a8-4f48-8979-80e280607df2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46739", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3loyn2ff4i32w", "content": "", "creation_timestamp": 
"2025-05-12T18:47:58.525170Z"}, {"uuid": "de217905-09da-4573-833e-1066cc1cc845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46737", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3loyn2flysg2t", "content": "", "creation_timestamp": "2025-05-12T18:47:59.653338Z"}, {"uuid": "c92c5121-bfc3-4bc1-9807-3ba2860578c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46738", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15977", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46738\n\ud83d\udd25 CVSS Score: 6.6 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L)\n\ud83d\udd39 Description: An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code.\n\ud83d\udccf Published: 2025-05-12T16:07:02.820Z\n\ud83d\udccf Modified: 2025-05-12T17:57:51.802Z\n\ud83d\udd17 References:\n1. https://selinc.com/products/software/latest-software-versions/", "creation_timestamp": "2025-05-12T18:29:19.000000Z"}, {"uuid": "d31e798d-bfd7-4a5b-ac25-4b8383941126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46737", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16005", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46737\n\ud83d\udd25 CVSS Score: 7.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)\n\ud83d\udd39 Description: SEL-5037 Grid Configurator contains an overly permissive Cross Origin Resource Sharing (CORS) configuration for a data gateway service in the application. 
This gateway service includes an API which is not properly configured to reject requests from unexpected sources.\n\ud83d\udccf Published: 2025-05-12T16:06:23.559Z\n\ud83d\udccf Modified: 2025-05-12T17:58:52.199Z\n\ud83d\udd17 References:\n1. https://selinc.com/products/software/latest-software-versions/", "creation_timestamp": "2025-05-12T18:37:56.000000Z"}, {"uuid": "0de657bd-bd64-425b-80a0-a9ba3e85a1a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46737", "type": "seen", "source": "Telegram/Kd0Licvl05IL9dbcjAlnsxGJoQRH5VF3YgZ1kdqUOIQBjSo", "content": "", "creation_timestamp": "2025-05-12T18:30:33.000000Z"}, {"uuid": "86c54e41-9750-4034-a60d-8cb208a83ab6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lreucjorme2g", "content": "", "creation_timestamp": "2025-06-12T02:20:00.317441Z"}, {"uuid": "9750234d-c067-4140-bd62-8ba0def4355a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lqv4fgr44h2m", "content": "", "creation_timestamp": "2025-06-05T20:02:11.878217Z"}, {"uuid": "d20fb185-5d27-46ce-9009-ca8e91d78446", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46735", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lojis6zhgf2e", "content": "", "creation_timestamp": "2025-05-06T18:21:50.754668Z"}, {"uuid": "ff0c5eb2-8afd-468a-bfc4-39376fe29eac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", 
"vulnerability": "CVE-2025-46736", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lojis7nmx22j", "content": "", "creation_timestamp": "2025-05-06T18:21:54.349047Z"}, {"uuid": "2ccaf79b-fb96-4189-b308-9a0749f3efc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46736", "type": "seen", "source": "https://bsky.app/profile/OpenSource.activitypub.awakari.com.ap.brid.gy/post/3lojlqmyfrvo2", "content": "", "creation_timestamp": "2025-05-06T19:20:02.430560Z"}, {"uuid": "ce64d014-b040-487d-994f-13c803978349", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46735", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lojlqqlzloo2", "content": "", "creation_timestamp": "2025-05-06T19:20:03.057130Z"}, {"uuid": "e4891722-9b8e-49c2-9c39-b0bb61b24532", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4673", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "805473d0-33aa-4dd9-a596-6b4493efb3f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46731", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14983", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46731\n\ud83d\udd25 CVSS Score: 7.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P)\n\ud83d\udd39 Description: Craft is a content management system. 
Versions of Craft CMS on the 4.x branch prior to 4.14.13 and on the 5.x branch prior to 5.6.16 contains a potential remote code execution vulnerability via Twig SSTI. One must have administrator access and `ALLOW_ADMIN_CHANGES` must be enabled for this to work. Users should update to the patched versions 4.14.13 or 5.6.15 to mitigate the issue.\n\ud83d\udccf Published: 2025-05-05T19:35:31.347Z\n\ud83d\udccf Modified: 2025-05-05T20:03:42.802Z\n\ud83d\udd17 References:\n1. https://github.com/craftcms/cms/security/advisories/GHSA-7c58-g782-9j38\n2. https://github.com/craftcms/cms/security/advisories/GHSA-f3cw-hg6r-chfv\n3. https://craftcms.com/knowledge-base/securing-craft#set-allowAdminChanges-to-false-in-production\n4. http://github.com/craftcms/cms/pull/17026", "creation_timestamp": "2025-05-05T20:20:11.000000Z"}]}