{"vulnerability": "CVE-2025-4681", "sightings": [{"uuid": "a7cde099-e13a-4418-89c2-b03beeb459b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://sploitus.com/exploit?id=734892A4-DC9F-532A-B69F-88E0A8F04F5B&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-07T02:56:08.000000Z"}, {"uuid": "e72b0b47-7b5f-48e7-80cc-7732303fa595", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46811", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lv74k53guw2l", "content": "", "creation_timestamp": "2025-07-30T17:12:13.279708Z"}, {"uuid": "7faea3cf-9038-442b-a4ad-010d03966336", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-46811", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3lva5hwo32427", "content": "", "creation_timestamp": "2025-07-31T03:01:33.724451Z"}, {"uuid": "9d743cee-c163-47d9-a94a-bd800c2efcdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46811", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3lvbdo7fo4e25", "content": "", "creation_timestamp": "2025-07-31T14:25:05.774483Z"}, {"uuid": "ee1ad10f-950d-4522-9e72-40ceead9d5d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46811", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3lvbfpt4xxc22", "content": "", "creation_timestamp": "2025-07-31T15:01:49.522799Z"}, {"uuid": "b359f9a5-938c-4add-9b09-f40a9080d38d", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46811", "type": "seen", "source": "https://bsky.app/profile/ransomfeed.rfeed.it/post/3lvd6l4sm2j22", "content": "", "creation_timestamp": "2025-08-01T07:59:13.492296Z"}, {"uuid": "c6568b1e-cb62-45a7-bf42-a05b0e9a6a83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46811", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lvf4dnf4nt22", "content": "", "creation_timestamp": "2025-08-02T02:24:34.725822Z"}, {"uuid": "9f4b5a4f-e64f-4c81-a36b-6a8c4cdb2e9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46811", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lvjl5ad52k2z", "content": "", "creation_timestamp": "2025-08-03T21:00:04.531369Z"}, {"uuid": "634d61c3-7ef8-4e49-bc98-6cb5158a219f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://sploitus.com/exploit?id=734892A4-DC9F-532A-B69F-88E0A8F04F5B&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-07T02:56:08.000000Z"}, {"uuid": "1d27e5c8-ebd7-4bc9-a2eb-8d910a62ab08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://sploitus.com/exploit?id=734892A4-DC9F-532A-B69F-88E0A8F04F5B&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-07T02:56:08.000000Z"}, {"uuid": "a058cf3b-5fbd-42ed-b1db-494cce8fc004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://sploitus.com/exploit?id=734892A4-DC9F-532A-B69F-88E0A8F04F5B&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-07T02:56:08.000000Z"}, {"uuid": "13ad8bdd-330f-48b7-8a04-ac06b0eca535", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://sploitus.com/exploit?id=734892A4-DC9F-532A-B69F-88E0A8F04F5B&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-07T02:56:08.000000Z"}, {"uuid": "8d5b8879-b508-4dbf-9953-9be6bd65af21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://sploitus.com/exploit?id=734892A4-DC9F-532A-B69F-88E0A8F04F5B&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-07T02:56:08.000000Z"}, {"uuid": "2ed52e97-c412-49b9-8fb4-800542689b38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46811", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwmrsb5frd2c", "content": "", "creation_timestamp": "2025-08-17T21:02:29.105287Z"}, {"uuid": "47ea1fbe-8001-4a06-b6b6-ba0956bd17b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://sploitus.com/exploit?id=734892A4-DC9F-532A-B69F-88E0A8F04F5B&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-07T02:56:08.000000Z"}, {"uuid": "f638941d-976b-41fd-a66f-8ca6cd90dcb0", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://sploitus.com/exploit?id=734892A4-DC9F-532A-B69F-88E0A8F04F5B&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-07T02:56:08.000000Z"}, {"uuid": "179da212-31da-4a1c-8f47-0506367617ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3m2kfwxpcec24", "content": "", "creation_timestamp": "2025-10-06T20:05:45.282155Z"}, {"uuid": "36601492-e8e7-4b2b-91f1-63f3f414b555", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m2zlw3cblh2j", "content": "", "creation_timestamp": "2025-10-12T21:02:37.395804Z"}, {"uuid": "42e31617-e3d6-4eee-9b37-0326eab27374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46818", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m2zlw3evor2v", "content": "", "creation_timestamp": "2025-10-12T21:02:37.966434Z"}, {"uuid": "a4c9f96e-bf71-4566-b056-e4d5d77929c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46819", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m2zlw3hgzw2a", "content": "", "creation_timestamp": "2025-10-12T21:02:38.552823Z"}, {"uuid": "4d061f1b-b51f-41f7-a86e-6ed8aad5e020", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", 
"vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://sploitus.com/exploit?id=734892A4-DC9F-532A-B69F-88E0A8F04F5B&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-07T02:56:08.000000Z"}, {"uuid": "23f058b6-6ebf-4060-a9a4-943c5b2ca7cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m6k52buje62k", "content": "", "creation_timestamp": "2025-11-26T15:07:17.100441Z"}, {"uuid": "2421dfd7-1ef7-49ee-935c-2a8822a39a32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://sploitus.com/exploit?id=734892A4-DC9F-532A-B69F-88E0A8F04F5B&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-07T02:56:08.000000Z"}, {"uuid": "d57df620-5c20-468c-bd32-7b513f199996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46811", "type": "seen", "source": "https://bsky.app/profile/catc0n.bsky.social/post/3lx7zx5ky4k27", "content": "", "creation_timestamp": "2025-08-25T12:48:53.898660Z"}, {"uuid": "3cbb6c72-476a-429a-8b0f-4ce09576d566", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://sploitus.com/exploit?id=734892A4-DC9F-532A-B69F-88E0A8F04F5B&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-07T02:56:08.000000Z"}, {"uuid": "91b58562-b35c-4620-b864-7f570fd3ad2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46810", 
"type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lxu5z5sa4d27", "content": "", "creation_timestamp": "2025-09-02T12:54:48.787153Z"}, {"uuid": "7cd19810-87fd-4d8e-a61c-48a112dfd8ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mchkmu5bzc2g", "content": "", "creation_timestamp": "2026-01-15T12:13:13.340128Z"}, {"uuid": "3d74078b-a049-4a16-b914-97bf184c6510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-46811", "type": "seen", "source": "https://gist.github.com/szachovy/8bbd9d6dbf6ec89b584bf11d02503a02", "content": "", "creation_timestamp": "2026-02-13T12:04:34.000000Z"}, {"uuid": "8fbe4ea0-221e-4fa9-beb7-4ffc156f37c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46818", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875", "content": "", "creation_timestamp": "2026-01-21T21:18:16.771453Z"}, {"uuid": "7700a74e-540b-44e2-b510-ccd873ba26e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46819", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875", "content": "", "creation_timestamp": "2026-01-21T21:18:16.771453Z"}, {"uuid": "606795f3-4f10-4903-a5a1-7fc95610d177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875", "content": "", 
"creation_timestamp": "2026-01-21T21:18:16.771453Z"}, {"uuid": "dfbac995-7060-47a6-8991-1e4789f0f836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46813", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14982", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46813\n\ud83d\udd25 CVSS Score: 5.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\ud83d\udd39 Description: Discourse is an open-source community platform. A data leak vulnerability affects sites deployed between commits 10df7fdee060d44accdee7679d66d778d1136510 and 82d84af6b0efbd9fa2aeec3e91ce7be1a768511b. On login-required sites, the leak meant that some content on the site's homepage could be visible to unauthenticated users. Only login-required sites that got deployed during this timeframe are affected, roughly between April 30 2025 noon EDT and May 2 2025, noon EDT. Sites on the stable branch are unaffected. Private content on an instance's homepage could be visible to unauthenticated users on login-required sites. Versions of 3.5.0.beta4 after commit 82d84af6b0efbd9fa2aeec3e91ce7be1a768511b are not vulnerable to the issue. No workarounds are available. Sites must upgrade to a non-vulnerable version of Discourse.\n\ud83d\udccf Published: 2025-05-05T20:03:46.289Z\n\ud83d\udccf Modified: 2025-05-05T20:03:46.289Z\n\ud83d\udd17 References:\n1. https://github.com/discourse/discourse/security/advisories/GHSA-v3h7-c287-pfg9\n2. https://github.com/discourse/discourse/commit/10df7fdee060d44accdee7679d66d778d1136510\n3. 
https://github.com/discourse/discourse/commit/82d84af6b0efbd9fa2aeec3e91ce7be1a768511b", "creation_timestamp": "2025-05-05T20:20:07.000000Z"}, {"uuid": "818f4ed1-16f6-49d0-9414-ea962fc0ecef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46814", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15212", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46814\n\ud83d\udd25 CVSS Score: 3.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N)\n\ud83d\udd39 Description: FastAPI Guard is a security library for FastAPI that provides middleware to control IPs, log requests, and detect penetration attempts. An HTTP header injection vulnerability has been identified in versions prior to 2.0.0. By manipulating the X-Forwarded-For header, an attacker can potentially inject arbitrary IP addresses into the request. This vulnerability can allow attackers to bypass IP-based access controls, mislead logging systems, and impersonate trusted clients. It is especially impactful when the application relies on the X-Forwarded-For header for IP-based authorization or authentication. Users should upgrade to FastAPI Guard version 2.0.0 to receive a fix.\n\ud83d\udccf Published: 2025-05-06T14:55:48.766Z\n\ud83d\udccf Modified: 2025-05-06T19:51:34.278Z\n\ud83d\udd17 References:\n1. https://github.com/rennf93/fastapi-guard/security/advisories/GHSA-77q8-qmj7-x7pp\n2. 
https://github.com/rennf93/fastapi-guard/commit/0b003fda4c678c1b514e95f319aee88113e9bf4b", "creation_timestamp": "2025-05-06T20:21:16.000000Z"}, {"uuid": "e23e2e87-1caa-4db4-bee6-7c864e875ce1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46812", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15617", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46812\n\ud83d\udd25 CVSS Score: 2 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P)\n\ud83d\udd39 Description: Trix is a what-you-see-is-what-you-get rich text editor for everyday writing. Versions prior to 2.1.15 are vulnerable to XSS attacks when pasting malicious code. An attacker could trick a user to copy and paste malicious code that would execute arbitrary JavaScript code within the context of the user's session, potentially leading to unauthorized actions being performed or sensitive information being disclosed. This issue has been patched in version 2.1.15.\n\ud83d\udccf Published: 2025-05-08T19:27:22.573Z\n\ud83d\udccf Modified: 2025-05-08T20:00:42.604Z\n\ud83d\udd17 References:\n1. https://github.com/basecamp/trix/security/advisories/GHSA-mcrw-746g-9q8h\n2. 
https://github.com/basecamp/trix/commit/75226089646841b0f774d8b152e5ec27d2d9e191", "creation_timestamp": "2025-05-08T20:23:59.000000Z"}, {"uuid": "bf0862a7-d0fc-4cd4-bcf1-e15eae656468", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-46811", "type": "seen", "source": "https://bsky.app/profile/exploitdb-bot.bsky.social/post/3mkp3bfrk7y27", "content": "", "creation_timestamp": "2026-04-30T07:21:06.823304Z"}, {"uuid": "cccfa824-c14b-4f7e-b3f8-e592575b5b3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46813", "type": "seen", "source": "https://t.me/cvedetector/24506", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46813 - Discourse Data Leak Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46813 \nPublished : May 5, 2025, 8:15 p.m. | 1\u00a0hour, 25\u00a0minutes ago \nDescription : Discourse is an open-source community platform. A data leak vulnerability affects sites deployed between commits 10df7fdee060d44accdee7679d66d778d1136510 and 82d84af6b0efbd9fa2aeec3e91ce7be1a768511b. On login-required sites, the leak meant that some content on the site's homepage could be visible to unauthenticated users. Only login-required sites that got deployed during this timeframe are affected, roughly between April 30 2025 noon EDT and May 2 2025, noon EDT. Sites on the stable branch are unaffected. Private content on an instance's homepage could be visible to unauthenticated users on login-required sites. Versions of 3.5.0.beta4 after commit 82d84af6b0efbd9fa2aeec3e91ce7be1a768511b are not vulnerable to the issue. No workarounds are available. Sites must upgrade to a non-vulnerable version of Discourse. 
\nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-06T00:15:19.000000Z"}, {"uuid": "ceafc913-600b-4abd-a876-e91d2b7e1110", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46816", "type": "seen", "source": "https://t.me/cvedetector/24640", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46816 - \"goshs Command Injection Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-46816 \nPublished : May 6, 2025, 7:16 p.m. | 58\u00a0minutes ago \nDescription : goshs is a SimpleHTTPServer written in Go. Starting in version 0.3.4 and prior to version 1.0.5, running goshs without arguments makes it possible for anyone to execute commands on the server. The function `dispatchReadPump` does not check the CLI option `-c`, thus allowing anyone to execute arbitrary commands through the use of websockets. Version 1.0.5 fixes the issue. 
\nSeverity: 9.4 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-06T22:51:05.000000Z"}, {"uuid": "a81d3e0c-2f8a-4af9-ad4f-56f665d248d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46813", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lohmhasw7j2w", "content": "", "creation_timestamp": "2025-05-06T00:21:58.126518Z"}, {"uuid": "555c3075-0ae1-4f29-90e6-a1357251fe6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m6k52bujnd22", "content": "", "creation_timestamp": "2025-11-26T15:07:17.678111Z"}, {"uuid": "58d65b6c-75b4-4d14-80b6-7682ba22db99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3m6k52raathr2", "content": "", "creation_timestamp": "2025-11-26T15:07:57.654431Z"}, {"uuid": "c76c01ca-76d2-4756-8ef6-b67517283607", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3m2okdt4ljzv2", "content": "", "creation_timestamp": "2025-10-08T11:35:21.430265Z"}, {"uuid": "e6e4e1eb-b2bf-4e9b-abc8-7eb4555c06b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-46814", "type": "seen", "source": "https://gist.github.com/calenwalshe/e60488e3998fd3d2e527c4af1317edbc", "content": "", "creation_timestamp": "2026-04-15T04:32:14.000000Z"}, {"uuid": "fddd1c26-c3e0-408c-adc9-f5542738b071", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "published-proof-of-concept", "source": "Telegram/csg1wYiCImjFY1YnLahkZcywpeCvWGVCGBPO5HZyfvKzw6c", "content": "", "creation_timestamp": "2025-10-07T07:00:12.000000Z"}, {"uuid": "bf6baeee-f672-4ac9-9068-53164463cc66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46819", "type": "published-proof-of-concept", "source": "Telegram/cgjkjeFvaYTYY2Hy-tHxrmfy7h97b4Y-DZ7h_Fd2T5OlKEk", "content": "", "creation_timestamp": "2025-10-07T09:00:04.000000Z"}, {"uuid": "9d8a4b6e-9c64-454a-8a54-0c1b8d5c0493", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "published-proof-of-concept", "source": "Telegram/cgjkjeFvaYTYY2Hy-tHxrmfy7h97b4Y-DZ7h_Fd2T5OlKEk", "content": "", "creation_timestamp": "2025-10-07T09:00:04.000000Z"}, {"uuid": "bc582421-7b8f-4919-83ec-452b67cfcfbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46812", "type": "seen", "source": "https://t.me/cvedetector/24868", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46812 - Trix Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46812 \nPublished : May 8, 2025, 8:15 p.m. | 1\u00a0hour, 18\u00a0minutes ago \nDescription : Trix is a what-you-see-is-what-you-get rich text editor for everyday writing. 
Versions prior to 2.1.15 are vulnerable to XSS attacks when pasting malicious code. An attacker could trick a user to copy and paste malicious code that would execute arbitrary JavaScript code within the context of the user's session, potentially leading to unauthorized actions being performed or sensitive information being disclosed. This issue has been patched in version 2.1.15. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-09T00:19:04.000000Z"}, {"uuid": "299fe740-2c86-41e6-8928-d24ccee8db7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46815", "type": "seen", "source": "Telegram/PwjyiTDmMCV8n5O4H8WYZUui8x-G-PcEgC06QwyqI9Pyxio", "content": "", "creation_timestamp": "2025-05-06T20:30:48.000000Z"}, {"uuid": "63da329a-3760-48ca-ba48-009ef9088f66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46816", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lojwioba322h", "content": "", "creation_timestamp": "2025-05-06T22:27:02.721014Z"}, {"uuid": "340d877b-0c25-45f1-8cfd-fc0b104f0880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46812", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3looxq3xjdn24", "content": "", "creation_timestamp": "2025-05-08T22:32:27.854384Z"}, {"uuid": "7d944af8-f41a-4e57-93bf-94394cb2a2f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", 
"source": "https://sploitus.com/exploit?id=734892A4-DC9F-532A-B69F-88E0A8F04F5B&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-07T02:56:08.000000Z"}, {"uuid": "fd45e99a-d724-45e1-91a0-b958a8845fa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://sploitus.com/exploit?id=734892A4-DC9F-532A-B69F-88E0A8F04F5B&amp;utm_source=rss&amp;utm_medium=rss", "content": "", "creation_timestamp": "2025-10-07T02:56:08.000000Z"}, {"uuid": "5a43c4cd-4939-4bd9-8369-539368664d55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46818", "type": "seen", "source": "https://gist.github.com/Darkcrai86/f2a11dc7f6c9f8f65097f7127de5193e", "content": "", "creation_timestamp": "2025-12-11T08:29:13.000000Z"}, {"uuid": "6468b527-181a-4afb-a4e4-8c94a7e91cc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-46819", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-083-03", "content": "", "creation_timestamp": "2026-03-24T11:00:00.000000Z"}, {"uuid": "7f20f98c-adb0-4192-8f87-25eb7fbdc0fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-46818", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-083-03", "content": "", "creation_timestamp": "2026-03-24T11:00:00.000000Z"}, {"uuid": "f9fccc65-e722-4e2e-a3f3-8d44309eaf6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-46817", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-083-03", 
"content": "", "creation_timestamp": "2026-03-24T11:00:00.000000Z"}, {"uuid": "cf49d6a4-d615-41d8-bbd9-7c22094bb123", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46818", "type": "published-proof-of-concept", "source": "Telegram/cgjkjeFvaYTYY2Hy-tHxrmfy7h97b4Y-DZ7h_Fd2T5OlKEk", "content": "", "creation_timestamp": "2025-10-07T09:00:04.000000Z"}, {"uuid": "e09d1bf8-017e-4375-bfee-71836174176b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4681", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17850", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4681\n\ud83d\udd25 CVSS Score: 8.6 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H)\n\ud83d\udd39 Description: Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Abuse.This issue affects upKeeper Instant Privilege Access: before 1.4.0.\n\ud83d\udccf Published: 2025-06-10T08:44:14.160Z\n\ud83d\udccf Modified: 2025-06-10T08:44:14.160Z\n\ud83d\udd17 References:\n1. 
https://support.upkeeper.se/hc/en-us/articles/20159882527772-CVE-2025-4681-Improper-Privilege-Management", "creation_timestamp": "2025-06-10T09:33:08.000000Z"}, {"uuid": "06cfe12f-a90d-4ec7-9b3b-025c3d0c6600", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46817", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/54477", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2025-46817 \u2013 Redis Lua unpack Integer Overflow (Potential RCE)\nURL\uff1ahttps://github.com/dwisiswant0/CVE-2025-46817\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-10-07T05:01:47.000000Z"}, {"uuid": "109c1353-6270-4d49-b02c-92ed86abc254", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46816", "type": "published-proof-of-concept", "source": "Telegram/LAhBt3rpcnQDQY7FXJyrJd3noKQxjl1V2vQxdg9PO3Q48dM", "content": "", "creation_timestamp": "2025-06-04T21:00:04.000000Z"}, {"uuid": "d91156d4-eb1e-4a0a-9e22-10a8dfe4f97e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46816", "type": "published-proof-of-concept", "source": "Telegram/MtkbMjKHSfcOGeyYZKODgJ22yCGfMFI_St_Qez5BgCNBgxs", "content": "", "creation_timestamp": "2025-05-06T21:30:42.000000Z"}, {"uuid": "630fa0ea-daed-4e81-8acf-cee2b5541567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46814", "type": "seen", "source": "https://t.me/cvedetector/24614", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46814 - FastAPI Guard HTTP Header Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46814 \nPublished : 
May 6, 2025, 3:16 p.m. | 46\u00a0minutes ago \nDescription : FastAPI Guard is a security library for FastAPI that provides middleware to control IPs, log requests, and detect penetration attempts. An HTTP header injection vulnerability has been identified in versions prior to 2.0.0. By manipulating the X-Forwarded-For header, an attacker can potentially inject arbitrary IP addresses into the request. This vulnerability can allow attackers to bypass IP-based access controls, mislead logging systems, and impersonate trusted clients. It is especially impactful when the application relies on the X-Forwarded-For header for IP-based authorization or authentication. Users should upgrade to FastAPI Guard version 2.0.0 to receive a fix. \nSeverity: 3.4 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-06T18:39:51.000000Z"}, {"uuid": "7a88a6af-f140-4e27-a9de-4e4877915e4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46815", "type": "seen", "source": "https://t.me/cvedetector/24645", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46815 - ZITADEL IdP Intent Session Token Abuse\", \n  \"Content\": \"CVE ID : CVE-2025-46815 \nPublished : May 6, 2025, 6:15 p.m. | 1\u00a0hour, 58\u00a0minutes ago \nDescription : The identity infrastructure software ZITADEL offers developers the ability to manage user sessions using the Session API. This API enables the use of IdPs for authentication, known as idp intents. Following a successful idp intent, the client receives an id and token on a predefined URI. These id and token can then be used to authenticate the user or their session. 
However, prior to versions 3.0.0, 2.71.9, and 2.70.10, it was possible to exploit this feature by repeatedly using intents. This allowed an attacker with access to the application\u2019s URI to retrieve the id and token, enabling them to authenticate on behalf of the user. It's important to note that the use of additional factors (MFA) prevents a complete authentication process and, consequently, access to the ZITADEL API. Versions 3.0.0, 2.71.9, and 2.70.10 contain a fix for the issue. No known workarounds other than upgrading are available. \nSeverity: 8.0 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-06T22:51:12.000000Z"}, {"uuid": "1c90f6cf-1146-454c-91f7-c3baef590f64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46815", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lojjmy3txj2e", "content": "", "creation_timestamp": "2025-05-06T18:36:43.326936Z"}, {"uuid": "047435a3-a066-4379-adc3-2d8b2a1b984e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46816", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lojlqistvro2", "content": "", "creation_timestamp": "2025-05-06T19:19:59.520274Z"}, {"uuid": "25485316-13e2-4191-bd4d-018325b0c7c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46815", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lojlqm4qmeo2", "content": "", "creation_timestamp": 
"2025-05-06T19:20:01.819608Z"}, {"uuid": "38cb4dce-97f1-4de0-b948-3feb0fbcdbaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46812", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3looojmngd3y2", "content": "", "creation_timestamp": "2025-05-08T19:48:23.028016Z"}]}