{"vulnerability": "cve-2025-4525", "sightings": [{"uuid": "35945398-137a-4dff-8bf2-85a8790d44df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4525", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15916", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4525\n\ud83d\udd25 CVSS Score: 7.3 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in Discord 1.0.9188 on Windows. Affected by this issue is some unknown functionality in the library WINSTA.dll. The manipulation leads to uncontrolled search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-05-10T22:31:05.153Z\n\ud83d\udccf Modified: 2025-05-10T22:31:05.153Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.308270\n2. https://vuldb.com/?ctiid.308270\n3. https://vuldb.com/?submit.562788\n4. https://gist.github.com/shellkraft/ac4be6a3953e2889a7bf54aea2db88c2", "creation_timestamp": "2025-05-10T23:27:33.000000Z"}, {"uuid": "82901b88-659b-4ef8-b59d-6c8f6a186df8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4525", "type": "seen", "source": "https://t.me/cvedetector/25031", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-4525 - Discord WINSTA.dll Uncontrolled Search Path Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-4525 \nPublished : May 10, 2025, 11:15 p.m. | 1\u00a0hour, 48\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in Discord 1.0.9188 on Windows. Affected by this issue is some unknown functionality in the library WINSTA.dll. The manipulation leads to uncontrolled search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 7.0 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-11T03:19:22.000000Z"}, {"uuid": "1265ac69-7438-46a2-a693-9a8896561105", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-45250", "type": "seen", "source": "https://t.me/cvedetector/24622", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-45250 - MrDoc SSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-45250 \nPublished : May 6, 2025, 5:16 p.m. | 50\u00a0minutes ago \nDescription : MrDoc v0.95 and before is vulnerable to Server-Side Request Forgery (SSRF) in the validate_url function of the app_doc/utils.py file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-06T20:20:12.000000Z"}, {"uuid": "18812ae4-0732-4a3c-95de-74a1cb2ceeb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-45250", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/35780", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-45250 POC\nURL\uff1ahttps://github.com/Anike-x/CVE-2025-45250\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-05-06T14:08:22.000000Z"}, {"uuid": "01dd234c-3c1d-4154-812d-822b42c6d8d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-45250", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lojis6pk2k2j", "content": "", "creation_timestamp": "2025-05-06T18:21:48.790904Z"}, {"uuid": "5c8d55b6-132c-41f6-9cab-8229221c9178", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4525", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lou3qi56mef2", "content": "", "creation_timestamp": "2025-05-10T23:27:37.138858Z"}, {"uuid": "08051c9d-10c2-4423-9958-3f060069331a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4525", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lou7mfwfx62h", "content": "", "creation_timestamp": "2025-05-11T00:36:44.023859Z"}, {"uuid": "0f0a06d9-00d1-4862-9e8d-f6d74585bb0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4525", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114486409909099551", "content": "", "creation_timestamp": "2025-05-11T00:39:39.896513Z"}]}