{"vulnerability": "CVE-2025-60710", "sightings": [{"uuid": "bbcc48bb-f32c-4bd4-bc6e-73a1fb3fb9ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-60710", "type": "seen", "source": "https://gist.github.com/stone776/3d08ecfe13c93ecafaa4d45bb1ff7634", "content": "", "creation_timestamp": "2026-04-14T14:13:46.000000Z"}, {"uuid": "59030382-5f7a-4619-81e2-87dd70db428a", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-60710", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/102895ab-d4c1-4ccf-b753-c566efcf9709", "content": "", "creation_timestamp": "2026-04-13T18:00:02.914908Z"}, {"uuid": "67b8b02e-a64d-4a98-8fdb-ed1c7f30e827", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-60710", "type": "seen", "source": "Telegram/LHQfgYAbtuG7CogYZyWoKm7-py5GuHojGsIqn2GfOFcZFnQ", "content": "", "creation_timestamp": "2026-04-13T21:22:02.000000Z"}, {"uuid": "d908eaf5-46d2-4652-baa3-5fe6e48c7b6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-60710", "type": "seen", "source": "https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review", "content": "", "creation_timestamp": "2025-11-11T17:30:42.000000Z"}, {"uuid": "d26d610c-2b52-4af1-b60f-5b64c0002230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-60710", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6244768", "content": "", "creation_timestamp": "2026-04-13T18:07:36.314975Z"}, {"uuid": "97c7081d-1fb9-48db-81e6-a5f12829eb82", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-60710", "type": "exploited", "source": "https://db.gcve.eu/known-exploited-vulnerabilities-catalog/b5f393ae-0636-4b55-8ed3-f82bd348e252", "content": "", "creation_timestamp": "2026-04-13T18:00:02.988106Z"}, {"uuid": "d1dd4f67-ec27-4b0a-af26-8375483c67d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-60710", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116399043810586963", "content": "", "creation_timestamp": "2026-04-13T19:27:37.564227Z"}, {"uuid": "c6dec834-6f66-4610-933f-0f9b41ebd4c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-60710", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mjfnti6xlz25", "content": "", "creation_timestamp": "2026-04-13T20:01:32.480215Z"}, {"uuid": "da23f28e-0154-4b1a-bbff-792f2d822aad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-60710", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mjibqcs5kg2h", "content": "", "creation_timestamp": "2026-04-14T21:03:07.021608Z"}, {"uuid": "c9e88b5c-f861-48ef-b178-c4feb4906b10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-60710", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mjkc4w5lcw2h", "content": "", "creation_timestamp": "2026-04-15T16:15:22.585061Z"}, {"uuid": "b344adea-8913-4fc1-9efc-8e8026d811de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-60710", "type": "published-proof-of-concept", "source": "Telegram/IOd4iGy4WmeEw_BHRHCcIohzvTPU8ysgCkcOW7mJ9lPu0g", "content": "", "creation_timestamp": "2025-11-12T11:37:49.000000Z"}, {"uuid": "d99677bb-668d-4608-92ff-958f7c9e7677", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-60710", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/115542053257805273", "content": "", "creation_timestamp": "2025-11-13T11:03:40.017873Z"}, {"uuid": "f1e28446-4e74-4c98-9bbe-fc3083a9c0a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-60710", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0358", "content": "", "creation_timestamp": "2025-11-11T17:29:38.000000Z"}, {"uuid": "6e738f0f-f0da-4a61-954d-c17c2cbc10a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-60710", "type": "published-proof-of-concept", "source": "Telegram/L8IRYWQlLINCFGkrQPB4Yc80o1YA-P_zXNdVEzBYDf77AQ", "content": "", "creation_timestamp": "2025-11-12T11:37:48.000000Z"}, {"uuid": "9996f3d7-97b0-4de2-b4d5-fc77a168e861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-60710", "type": "published-proof-of-concept", "source": "https://t.me/P0x3k_1N73LL1G3NC3/196", "content": "CVE-2025-60710 Local Privilege Escalation in Taskhost Windows Tasks\n\nThis is PoC for local privilege escalation vulnerability in \\Microsoft\\Windows\\WindowsAI\\Recall\\PolicyConfiguration scheduled task.\nWhen this scheduled task is started the taskhostw.exe process whill try to open the C:\\Users\\%username%\\AppData\\Local\\CoreAIPlatform.00\\UKP directory and search for directories using the following filter: {????????-????-????-????-????????????}. If that directory is found it will be deleted without checking for symbolic links.\nAs low privilege user by default can create directories in their own %LOCALAPPDATA% folder this leads to arbitrary folder delete in context of NT AUTHORITY\\SYSTEM user.", "creation_timestamp": "2025-11-12T09:10:47.000000Z"}]}