{"vulnerability": "cve-2025-3449", "sightings": [{"uuid": "8db7d11c-51d2-4725-a01d-9df4660bf7e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-3449", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-04", "content": "", "creation_timestamp": "2026-05-21T05:00:00.000000Z"}, {"uuid": "4213908a-cb46-4b55-b542-ecff97977962", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34490", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnvqh3sltl2s", "content": "", "creation_timestamp": "2025-04-28T21:45:27.396056Z"}, {"uuid": "03a8d7ca-eeb6-4c4c-b639-4987fca85733", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34491", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114417790264877305", "content": "", "creation_timestamp": "2025-04-28T21:49:17.596581Z"}, {"uuid": "145876b1-4d67-4e47-a03c-bc05676eee1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34491", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnvsoowbph2t", "content": "", "creation_timestamp": "2025-04-28T22:25:29.753493Z"}, {"uuid": "43b56d3b-5e10-4541-badb-953a159ae52b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34491", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lnvvymg75c25", "content": "", "creation_timestamp": "2025-04-28T23:24:43.967524Z"}, {"uuid": "b067e19e-581a-4abf-a14c-de9da20f31d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34491", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13733", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-34491\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deserialization issue. A remote and authenticated attacker can execute arbitrary code by sending crafted serialized .NET when joining to a Multi-Server setup.\n\ud83d\udccf Published: 2025-04-28T19:20:02.027Z\n\ud83d\udccf Modified: 2025-04-28T19:41:07.044Z\n\ud83d\udd17 References:\n1. https://frycos.github.io/vulns4free/2025/04/28/mailessentials.html\n2. https://gfi.ai/products-and-solutions/network-security-solutions/mailessentials/resources/documentation/product-releases", "creation_timestamp": "2025-04-28T20:11:21.000000Z"}, {"uuid": "4cea3001-9dac-407f-b428-d20eec98a0ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34499", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m7qryxtljv2m", "content": "", "creation_timestamp": "2025-12-12T00:03:31.978392Z"}, {"uuid": "6088a749-9459-4d4a-96f4-38b5653bb792", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34491", "type": "seen", "source": "https://t.me/cvedetector/23952", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-34491 - GFI MailEssentials .NET Deserialization Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-34491 \nPublished : April 28, 2025, 8:15 p.m. | 1\u00a0hour, 35\u00a0minutes ago \nDescription : GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deserialization issue. A remote and authenticated attacker can execute arbitrary code by sending crafted serialized .NET when joining to a Multi-Server setup. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T00:06:29.000000Z"}, {"uuid": "2c35ca91-5322-4028-95fe-63b3b3a67533", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3449", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/control-systems-abb-security-advisory-av25-670", "content": "", "creation_timestamp": "2025-10-15T14:00:01.000000Z"}, {"uuid": "71b6ef4d-a605-4c7d-acaf-dec71cf054a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34490", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13723", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-34490\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: GFI MailEssentials prior to version 21.8 is vulnerable to an XML External Entity (XXE) issue. An authenticated and remote attacker can send crafted HTTP requests to read arbitrary system files.\n\ud83d\udccf Published: 2025-04-28T19:02:03.532Z\n\ud83d\udccf Modified: 2025-04-28T19:02:03.532Z\n\ud83d\udd17 References:\n1. https://frycos.github.io/vulns4free/2025/04/28/mailessentials.html\n2. https://gfi.ai/products-and-solutions/network-security-solutions/mailessentials/resources/documentation/product-releases", "creation_timestamp": "2025-04-28T19:11:25.000000Z"}, {"uuid": "c9a1946b-30f5-4851-bf7c-6444af3c7907", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34490", "type": "seen", "source": "https://t.me/cvedetector/23934", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-34490 - GFI MailEssentials XXE Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-34490 \nPublished : April 28, 2025, 7:15 p.m. | 24\u00a0minutes ago \nDescription : GFI MailEssentials prior to version 21.8 is vulnerable to an XML External Entity (XXE) issue. An authenticated and remote attacker can send crafted HTTP requests to read arbitrary system files. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-28T22:25:51.000000Z"}]}