{"vulnerability": "cve-2025-3986", "sightings": [{"uuid": "d383af4c-b2df-4060-b56d-490b37c16982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39865", "type": "seen", "source": "https://gist.github.com/Darkcrai86/1e221b82049ef827dece6d54ff4b475d", "content": "", "creation_timestamp": "2025-09-19T16:57:36.000000Z"}, {"uuid": "9cb2f6b3-47e7-465d-8740-48c69f31ad84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39866", "type": "seen", "source": "https://gist.github.com/Darkcrai86/36f3efd3636fc6874178c317d15df241", "content": "", "creation_timestamp": "2025-09-19T16:57:09.000000Z"}, {"uuid": "44a4658f-cc69-443f-b11f-fc24c2ff4009", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39861", "type": "seen", "source": "https://gist.github.com/Darkcrai86/b17201591c668e086baecc17f72f29f5", "content": "", "creation_timestamp": "2025-09-19T16:58:33.000000Z"}, {"uuid": "d9e22d3c-5f4d-4114-a246-3634bfeea7df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39860", "type": "seen", "source": "https://gist.github.com/Darkcrai86/ded9db2b016cbdce0dabb45a03211c4e", "content": "", "creation_timestamp": "2025-09-19T16:59:00.000000Z"}, {"uuid": "4f1e6ab0-e039-475c-b875-a2cc850668ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39868", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3m265xk455c2z", "content": "", "creation_timestamp": "2025-10-01T23:10:58.722451Z"}, {"uuid": "767a53bb-99b1-4f24-9a0e-50a830330177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3986", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/115861905013508880", "content": "", "creation_timestamp": "2026-01-08T22:46:09.303263Z"}, {"uuid": "5a68c3f4-e49a-434d-a0b2-4edc0b90b3ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39863", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "39987819-9f5f-4e23-9a07-d4359c71a888", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39865", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "73d4c39b-8d08-42a1-ad21-b8a84402d255", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39866", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "1a1e8781-2088-431d-ada9-56957797ac04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39860", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "94bd418c-a203-4520-a413-642ea802ec3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39863", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "6a737aee-478c-420e-b03c-0956f336db2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39869", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "cd2822bc-b5ca-481a-a524-8fb30a70583c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39866", "type": "published-proof-of-concept", "source": "Telegram/T77Hbv9lEvKs50kS6fXWkONJveYEbv_by5caNkW_NqvcOt4", "content": "", "creation_timestamp": "2025-09-26T19:00:10.000000Z"}, {"uuid": "0246d8e9-07f0-44ad-8b26-ff75ad9be30f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3986", "type": "seen", "source": "https://t.me/cvedetector/23866", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3986 - Apache Apereo CAS Regular Expression Inefficient Complexity Remote Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3986 \nPublished : April 27, 2025, 9:15 p.m. | 1\u00a0hour, 39\u00a0minutes ago \nDescription : A vulnerability was found in Apereo CAS 5.2.6. It has been declared as problematic. This vulnerability affects unknown code of the file cas-5.2.6\\core\\cas-server-core-configuration-metadata-repository\\src\\main\\java\\org\\apereo\\cas\\metadata\\rest\\CasConfigurationMetadataServerController.java. The manipulation of the argument Name leads to inefficient regular expression complexity. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-28T01:31:11.000000Z"}, {"uuid": "f36590b8-e957-4fd7-8f14-8f7d2ef612d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39866", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lzcmnw3b622v", "content": "", "creation_timestamp": "2025-09-21T00:19:29.784187Z"}, {"uuid": "e066fab9-2156-4668-81e0-c8d5aed6f4b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39866", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lzwfeze63o2p", "content": "", "creation_timestamp": "2025-09-28T21:02:28.258928Z"}, {"uuid": "d2455f8a-b549-4c9a-a2a2-4ddc4b38c22e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39860", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "1cf2ad1e-fbda-4fd4-a52a-f6211c9d1489", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39863", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "7c8fc91a-6e8e-4f2b-af0e-8b442513ec43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39861", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "33cb6b06-bf30-4e41-a34d-122cf5947767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39866", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "35a122e5-1274-44b4-ad84-17fa13c94a62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39865", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "8586e7f6-cb2b-415c-bbab-1a304ff7adc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39869", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "310971b2-dbab-4a0e-ada0-ce45f160a162", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39864", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "17dc3b75-c1e4-4e83-88c8-9a7cc643b45a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39861", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "5051e610-c22f-4acf-b3d4-2e5558d77a3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39864", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "57651568-8559-4a82-89f4-54e5f09ca9c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39865", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "922746a2-5f6e-461a-a898-8f56c6029bb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39866", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "39efe2f6-ed49-4790-8ede-afd8308f8998", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3986", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13636", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3986\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in Apereo CAS 5.2.6. It has been declared as problematic. This vulnerability affects unknown code of the file cas-5.2.6\\core\\cas-server-core-configuration-metadata-repository\\src\\main\\java\\org\\apereo\\cas\\metadata\\rest\\CasConfigurationMetadataServerController.java. The manipulation of the argument Name leads to inefficient regular expression complexity. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-04-27T21:00:07.694Z\n\ud83d\udccf Modified: 2025-04-27T21:00:07.694Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.306322\n2. https://vuldb.com/?ctiid.306322\n3. https://vuldb.com/?submit.557473\n4. https://wx.mail.qq.com/s?k=rk-m8GwRMVMcOjBY1a", "creation_timestamp": "2025-04-27T21:11:40.000000Z"}, {"uuid": "d8e6d4f0-a686-44f1-b26b-583400f87273", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39866", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/53189", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aProof of concept for CVE-2025-39866 (UAF and race condition)\nURL\uff1ahttps://github.com/byteReaper77/CVE-2025-39866\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-09-26T15:41:11.000000Z"}, {"uuid": "157b89f9-d6b1-4ab4-91cf-831bb62991b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39866", "type": "published-proof-of-concept", "source": "Telegram/pPehM9XP9UqPJSkSBo6XE6EECTJ7mFLOl2isDLbdd3m6RM0", "content": "", "creation_timestamp": "2025-09-26T21:00:06.000000Z"}, {"uuid": "1050f01f-baca-419c-a0ee-bcb4950a5102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3986", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnt7owncbd2h", "content": "", "creation_timestamp": "2025-04-27T21:40:20.662427Z"}, {"uuid": "23a2f17d-2573-474e-a59a-1ecebc028af8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39866", "type": "seen", "source": "https://sploitus.com/exploit?id=2CFE0ED8-8947-5416-9FF0-4B6CA997AB7E&utm_source=rss&utm_medium=rss", "content": "", "creation_timestamp": "2025-09-26T13:35:50.000000Z"}, {"uuid": "ea7aefd8-7029-4c6e-a17d-11c53896a63e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39860", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-043-06", "content": "", "creation_timestamp": "2026-02-12T11:00:00.000000Z"}, {"uuid": "818148bd-a2ba-4431-a754-b35e491b655f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39864", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-043-06", "content": "", "creation_timestamp": "2026-02-12T11:00:00.000000Z"}, {"uuid": "d6780f05-0a4a-49b4-a105-ae6851958367", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39865", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-043-06", "content": "", "creation_timestamp": "2026-02-12T11:00:00.000000Z"}, {"uuid": "3e45c969-f5d7-4553-83eb-71a183fc2682", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39863", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "3eddb84e-0ed9-40d0-a858-4d6e5632c459", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-39866", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-10", "content": "", "creation_timestamp": "2026-05-14T10:00:00.000000Z"}, {"uuid": "08438945-006e-4ee0-b1b6-e100d9b6ba50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-39865", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-10", "content": "", "creation_timestamp": "2026-05-14T10:00:00.000000Z"}, {"uuid": "578cddd7-1644-4380-a844-0cab49cfb99c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-39864", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-10", "content": "", "creation_timestamp": "2026-05-14T10:00:00.000000Z"}, {"uuid": "ca24cb8b-784a-424e-b320-0f0d2a13d745", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-39860", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-10", "content": "", "creation_timestamp": "2026-05-14T10:00:00.000000Z"}, {"uuid": "e1c2b65e-e231-46ce-9cb9-b9290a0d9224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-39869", "type": "seen", "source": "https://gist.github.com/Darkcrai86/6944c9336af9e00a69604509d0496e86", "content": "", "creation_timestamp": "2025-09-23T07:40:04.000000Z"}]}