{"vulnerability": "cve-2025-4913", "sightings": [{"uuid": "5d61685d-c214-4507-ab75-10f978865282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/rRcKRxKabz2qESPpdetVuiSVozhY10EMS-voIXs0I8ELfIA", "content": "", "creation_timestamp": "2025-11-30T21:00:05.000000Z"}, {"uuid": "5e4d2c6d-023d-4b96-a5f5-e7059a91fec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/61217", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aAnalysis and reproduction of CVE-2025-57833\nURL\uff1ahttps://github.com/f3d0rq/CVE-2025-49132\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-11-30T16:37:28.000000Z"}, {"uuid": "01ebe1a4-e1d9-4096-9ed6-c66fca813b40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "Telegram/UQbDwBJf9eGeYIZnvSzMssPCMnZFfaxzqfveo0nsduL7XA", "content": "", "creation_timestamp": "2025-06-30T22:56:48.000000Z"}, {"uuid": "eb0f8ca1-fb81-4097-8736-c185818c42bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/sIxRHxrE63FEI5aN4pmB7Ch2tWWUf2QeGGZaTDv-SjnpCes", "content": "", "creation_timestamp": "2025-06-22T19:00:05.000000Z"}, {"uuid": "11713365-0038-4110-a3a2-eb57c54421dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/41452", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aA script that gives you the credentials of a Pterodactyl panel vulnerable to CVE-2025-49132\nURL\uff1ahttps://github.com/Zen-kun04/CVE-2025-49132\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-06-22T13:10:48.000000Z"}, {"uuid": "d964f68f-1b48-4074-b93b-481faaa62966", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/41879", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aScanner - CVE-2025-49132\nURL\uff1ahttps://github.com/melonlonmeo/CVE-2025-49132\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-06-25T18:07:01.000000Z"}, {"uuid": "57261a36-ee04-4dc1-94bb-ad789c833c0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/jQQxeN2mPQPtfMYo_To2hQ-_smSd26JApgUtHwY05JTWW84", "content": "", "creation_timestamp": "2026-04-08T21:00:04.000000Z"}, {"uuid": "d21f6ad3-a340-4c90-868b-2858839a9a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/eiq80vTfK0uEvpSaVkLstXl9YEDfyEgGUyA39bKhe3J3sOM", "content": "", "creation_timestamp": "2026-04-24T09:00:04.000000Z"}, {"uuid": "90e4b862-fe8e-4ea9-8bf9-146f7f485510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49137", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17786", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49137\n\ud83d\udd25 CVSS Score: 8.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N)\n\ud83d\udd39 Description: HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, the application does not sufficiently sanitize user input, allowing for the execution of arbitrary JavaScript code. The 'saveNode' and 'saveManifest' endpoints take user input and store it in the JSON schema for the site. This content is then rendered in the generated HAX site. Although the application does not allow users to supply a `script` tag, it does allow the use of other HTML tags to run JavaScript. Version 11.0.0 fixes the issue.\n\ud83d\udccf Published: 2025-06-09T21:00:15.808Z\n\ud83d\udccf Modified: 2025-06-09T21:00:15.808Z\n\ud83d\udd17 References:\n1. https://github.com/haxtheweb/issues/security/advisories/GHSA-2vc4-3hx7-v7v7\n2. https://github.com/haxtheweb/haxcms-php/commit/0dd3e98fe2fadd0793b667d4af2aac230980e0f8", "creation_timestamp": "2025-06-09T21:32:03.000000Z"}, {"uuid": "2b18d7bc-b818-4546-ac55-d732f51db184", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4913", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16812", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4913\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in PHPGurukul Auto Taxi Stand Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/index.php. The manipulation of the argument Username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-19T05:31:06.374Z\n\ud83d\udccf Modified: 2025-05-19T05:31:06.374Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.309470\n2. https://vuldb.com/?ctiid.309470\n3. https://vuldb.com/?submit.579095\n4. https://github.com/Pjwww13447/pjwww/issues/15\n5. https://phpgurukul.com/", "creation_timestamp": "2025-05-19T06:38:57.000000Z"}, {"uuid": "dfc013be-9d10-45be-8aca-f59fddaa30fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49136", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17703", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49136\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: listmonk is a standalone, self-hosted, newsletter and mailing list manager. Starting in version 4.0.0 and prior to version 5.0.2, the `env` and `expandenv` template functions which is enabled by default in Sprig enables capturing of env variables on host. While this may not be a problem on single-user (super admin) installations, on multi-user installations, this allows non-super-admin users with campaign or template permissions to use the `{{ env }}` template expression to capture sensitive environment variables. Users should upgrade to v5.0.2 to mitigate the issue.\n\ud83d\udccf Published: 2025-06-09T16:21:48.266Z\n\ud83d\udccf Modified: 2025-06-09T16:21:48.266Z\n\ud83d\udd17 References:\n1. https://github.com/knadh/listmonk/security/advisories/GHSA-jc7g-x28f-3v3h\n2. https://github.com/knadh/listmonk/commit/d27d2c32cf3af2d0b24e29ea5a686ba149b49b3e\n3. https://github.com/knadh/listmonk/releases/tag/v5.0.2", "creation_timestamp": "2025-06-09T16:56:04.000000Z"}, {"uuid": "1baf8a80-03a2-4c97-bc00-e4f7761023ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49133", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17994", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49133\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H)\n\ud83d\udd39 Description: Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived from the TPM 2.0 reference implementation code published by the Trusted Computing Group, is prone to a potential out of bounds (OOB) read vulnerability. The vulnerability occurs in the \u2018CryptHmacSign\u2019 function with an inconsistent pairing of the signKey and signScheme parameters, where the signKey is ALG_KEYEDHASH key and inScheme is an ECC or RSA scheme. The reported vulnerability is in the \u2018CryptHmacSign\u2019 function, which is defined in the \"Part 4: Supporting Routines \u2013 Code\" document, section \"7.151 - /tpm/src/crypt/CryptUtil.c \". This vulnerability can be triggered from user-mode applications by sending malicious commands to a TPM 2.0/vTPM (swtpm) whose firmware is based on an affected TCG reference implementation. The effect on libtpms is that it will cause an abort due to the detection of the out-of-bounds access, thus for example making a vTPM (swtpm) unavailable to a VM. This vulnerability is fixed in 0.7.12, 0.8.10, 0.9.7, and 0.10.1.\n\ud83d\udccf Published: 2025-06-10T19:46:27.397Z\n\ud83d\udccf Modified: 2025-06-10T20:01:40.310Z\n\ud83d\udd17 References:\n1. https://github.com/stefanberger/libtpms/security/advisories/GHSA-25w5-6fjj-hf8g\n2. https://github.com/stefanberger/libtpms/commit/04b2d8e9afc0a9b6bffe562a23e58c0de11532d1\n3. https://trustedcomputinggroup.org/resource/tpm-library-specification\n4. https://trustedcomputinggroup.org/wp-content/uploads/TPM-2.0-1.83-Part-4-Supporting-Routines-Code.pdf", "creation_timestamp": "2025-06-10T20:31:55.000000Z"}, {"uuid": "30e20903-9927-4f7d-8055-c34f2ba47e2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49139", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17783", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49139\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, in the HAX site editor, users can create a website block to load another site in an iframe. The application allows users to supply a target URL in the website block. When the HAX site is visited, the client's browser will query the supplied URL. An authenticated attacker can create a HAX site with a website block pointing at an attacker-controlled server running Responder or a similar tool. The attacker can then conduct a phishing attack by convincing another user to visit their malicious HAX site to harvest credentials. Version 11.0.0 contains a patch for the issue.\n\ud83d\udccf Published: 2025-06-09T21:08:44.391Z\n\ud83d\udccf Modified: 2025-06-09T21:08:44.391Z\n\ud83d\udd17 References:\n1. https://github.com/haxtheweb/issues/security/advisories/GHSA-v3ph-2q5q-cg88\n2. https://github.com/haxtheweb/haxcms-nodejs/commit/5368eb9b278ca47cd9a83b8d3e6216375615b8f5", "creation_timestamp": "2025-06-09T21:31:57.000000Z"}, {"uuid": "184cfa8f-8a15-4ef4-9e28-c1f14e143285", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49138", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17784", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49138\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, an authenticated Local File Inclusion (LFI) vulnerability in the HAXCMS saveOutline endpoint allows a low-privileged user to read arbitrary files on the server by manipulating the location field written into site.json. This enables attackers to exfiltrate sensitive system files such as /etc/passwd, application secrets, or configuration files accessible to the web server (www-data). The vulnerability stems from the way the HAXCMS backend handles the location field in the site's outline. When a user sends a POST request to /system/api/saveOutline, the backend stores the provided location value directly into the site.json file associated with the site, without validating or sanitizing the input. Later the location parameter is interpreted by the CMS to resolve and load the content for a given node. If the location field contains a relative path like `../../../etc/passwd`, the application will attempt to read and render that file. Version 11.0.0 fixes the issue.\n\ud83d\udccf Published: 2025-06-09T21:05:23.245Z\n\ud83d\udccf Modified: 2025-06-09T21:05:23.245Z\n\ud83d\udd17 References:\n1. https://github.com/haxtheweb/issues/security/advisories/GHSA-hxrr-x32w-cg8g\n2. https://github.com/haxtheweb/haxcms-php/blob/b158d8ba1f9602af92ab084fd03b418f953079fd/system/backend/php/lib/HAXCMSSite.php#L1248", "creation_timestamp": "2025-06-09T21:31:58.000000Z"}, {"uuid": "643745c1-6529-4faf-983b-3d9e78b9be5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49134", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18542", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49134\n\ud83d\udd25 CVSS Score: 2.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N)\n\ud83d\udd39 Description: Weblate is a web based localization tool. Prior to version 5.12, the audit log notifications included the full IP address of the acting user. This could be obtained by third-party servers such as SMTP relays, or spam filters. This issue has been patched in version 5.12.\n\ud83d\udccf Published: 2025-06-16T21:03:31.982Z\n\ud83d\udccf Modified: 2025-06-16T21:03:31.982Z\n\ud83d\udd17 References:\n1. https://github.com/WeblateOrg/weblate/security/advisories/GHSA-4qqf-9m5c-w2c5\n2. https://github.com/WeblateOrg/weblate/pull/15102\n3. https://github.com/WeblateOrg/weblate/commit/020b2905e4d001cff2452574d10e6cf3621b5f62\n4. https://github.com/WeblateOrg/weblate/releases/tag/weblate-5.12.1", "creation_timestamp": "2025-06-16T21:38:14.000000Z"}, {"uuid": "a87df375-b70c-4a21-94f2-7ea90bfe94d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19004", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49132\n\ud83d\udd25 CVSS Score: 10 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Pterodactyl is a free, open-source game server management panel. Prior to version 1.11.11, using the /locales/locale.json with the locale and namespace query parameters, a malicious actor is able to execute arbitrary code without being authenticated. With the ability to execute arbitrary code it could be used to gain access to the Panel's server, read credentials from the Panel's config, extract sensitive information from the database, access files of servers managed by the panel, etc. This issue has been patched in version 1.11.11. There are no software workarounds for this vulnerability, but use of an external Web Application Firewall (WAF) could help mitigate this attack.\n\ud83d\udccf Published: 2025-06-20T16:56:41.403Z\n\ud83d\udccf Modified: 2025-06-20T17:34:24.439Z\n\ud83d\udd17 References:\n1. https://github.com/pterodactyl/panel/security/advisories/GHSA-24wv-6c99-f843\n2. https://github.com/pterodactyl/panel/commit/24c82b0e335fb5d7a844226b08abf9f176e592f0\n3. https://github.com/pterodactyl/panel/releases/tag/v1.11.11", "creation_timestamp": "2025-06-20T17:46:19.000000Z"}, {"uuid": "f74cef0c-4b96-46bc-b1bb-e98c88d79997", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49135", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19471", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49135\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: CVAT is an open source interactive video and image annotation tool for computer vision. Versions 2.2.0 through 2.39.0 have no validation during the import process of a project or task backup to check that the filename specified in the query parameter refers to a TUS-uploaded file belonging to the same user. As a result, if an attacker with a CVAT account and a `user` role knows the filenames of other users' uploads, they could potentially access and steal data by creating projects or tasks using those files.  This issue does not affect annotation or dataset TUS uploads, since in this case object-specific temporary directories are used. Users should upgrade to CVAT 2.40.0 or a later version to receive a patch. No known workarounds are available.\n\ud83d\udccf Published: 2025-06-25T15:05:41.938Z\n\ud83d\udccf Modified: 2025-06-25T15:05:41.938Z\n\ud83d\udd17 References:\n1. https://github.com/cvat-ai/cvat/security/advisories/GHSA-frpr-5w6q-hh4f\n2. https://github.com/cvat-ai/cvat/commit/dbafd9c0287489bea00e1db626f64b107f90bfc9", "creation_timestamp": "2025-06-25T15:52:17.000000Z"}, {"uuid": "90547275-d590-4c8c-a6ea-6aa1423740d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/48164", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aThis is an improved version of the CVE-2025-49132 proof of concept exploit.\nURL\uff1ahttps://github.com/GRodolphe/CVE-2025-49132_poc\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-08-18T12:11:52.000000Z"}, {"uuid": "ab37f6f6-6cb3-4e05-9504-952cc4ee1de7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/53064", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-49132\nURL\uff1ahttps://github.com/WebSafety-2tina/CVE-2025-49132\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-09-25T15:58:27.000000Z"}, {"uuid": "0b6c9486-2ddb-4327-84e4-985b85bc5c4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/nSwOy8pXq7qxZ5lkghM_Fx4RBE1W5qtoDb6yqsk5rMk6h6Y", "content": "", "creation_timestamp": "2025-09-25T21:00:06.000000Z"}, {"uuid": "110384d1-cc8f-418c-8338-53b9e1846b4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/rMGPEftinAjzKoR_zE8SBGcQ2vzrHmgR3TCsszmfdrU6i-0", "content": "", "creation_timestamp": "2025-08-18T15:00:06.000000Z"}, {"uuid": "0faeef6b-162e-4a93-8558-9c5f39e44c90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/zgFBnkvVSxRTeAkLtgRFUn68oK3AG1ffjg88xq_I-KMhHIo", "content": "", "creation_timestamp": "2025-08-18T23:00:08.000000Z"}, {"uuid": "06ff52d3-f931-45c4-b8f4-1dc4f55b10bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/-VwGhvHbAqGxMoIqAuNl2S-GtS9GOszjSHCSlHw-Z7vkd70", "content": "", "creation_timestamp": "2025-06-26T15:00:10.000000Z"}, {"uuid": "6e601a63-6162-41c3-831e-865d572311b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/X5o6JxwVyT7kcEs2WJ4q2ZFDLNC-MBNLMsHZTgnAYZthkfU", "content": "", "creation_timestamp": "2025-06-24T03:00:07.000000Z"}, {"uuid": "ed85d7e1-ac6a-447e-abb0-4a1cc0c5ca4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/j3gTMMDHI3yNpDteSce5I1RswvqpujBgNmLdEQTPSBddd3I", "content": "", "creation_timestamp": "2025-06-24T03:00:05.000000Z"}, {"uuid": "35a059c3-c272-4523-bb5e-5cbf7b882996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/CcyjHkNjVgkEwMecQxDV2tqoHdYRDeP6dqEdCkr6R7KZfXo", "content": "", "creation_timestamp": "2025-06-23T03:00:06.000000Z"}, {"uuid": "3096b497-fd3f-4297-81e0-327419a5176d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/sDe_NvnZzosyJDQL5AFCzTRjhrPu0XzfD6ayEIcobXB5NsE", "content": "", "creation_timestamp": "2025-06-23T09:00:05.000000Z"}, {"uuid": "023206fd-dbc6-4f45-a9f6-f8b00bebe63c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114774523160573694", "content": "", "creation_timestamp": "2025-06-30T21:50:39.331633Z"}, {"uuid": "ff2c7736-efa5-4b11-80c2-08ff77b29969", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lsiewecy5y26", "content": "", "creation_timestamp": "2025-06-26T05:20:36.840545Z"}, {"uuid": "19b04063-3cdf-41a9-a3ce-7708c2fff36b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ls2x4qkoyb2k", "content": "", "creation_timestamp": "2025-06-20T21:09:01.386846Z"}, {"uuid": "56d1ff80-182c-47b0-86e6-216dbea4a45d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49130", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lr6novdwzp2u", "content": "", "creation_timestamp": "2025-06-09T15:05:40.329649Z"}, {"uuid": "99c15072-c534-4d1b-af8e-ab48fb57885a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-49132.yaml", "content": "", "creation_timestamp": "2025-06-21T00:25:48.000000Z"}, {"uuid": "11e3d0e0-162c-4375-861d-fcfecd9ba33b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lsmjzbcxuv24", "content": "", "creation_timestamp": "2025-06-27T21:02:30.338282Z"}, {"uuid": "16bcc5a0-665e-4620-8e82-4bf4da6f095e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49137", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lr7ifpcm642a", "content": "", "creation_timestamp": "2025-06-09T23:03:43.002408Z"}, {"uuid": "acd67ea5-0fe7-4069-a644-33408062732a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ls5h7o3ard2h", "content": "", "creation_timestamp": "2025-06-21T21:02:23.728576Z"}, {"uuid": "d15796c5-c1dd-45b6-b742-f088a211703b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lseymlmvmi2h", "content": "", "creation_timestamp": "2025-06-24T21:02:29.053072Z"}, {"uuid": "63d01736-5cd5-403b-9dd8-f013d9598d1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49136", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "0639aa13-77a0-4072-92c5-78873133a70b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49133", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lv77jnzi732z", "content": "", "creation_timestamp": "2025-07-30T18:05:38.680535Z"}, {"uuid": "e33c9831-5462-4422-953f-3683fab314a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49133", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3lv77jvomtgd2", "content": "", "creation_timestamp": "2025-07-30T18:06:21.853765Z"}, {"uuid": "ae2db063-0b7f-44f1-862a-2c9e62cd02c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49133", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lv7ehssa7s2d", "content": "", "creation_timestamp": "2025-07-30T19:34:07.583777Z"}, {"uuid": "4f11a5ed-0073-4cbb-beef-4b1ef24a11a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49136", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/listmonk_env_disclosure.rb", "content": "", "creation_timestamp": "2025-10-08T21:09:17.000000Z"}, {"uuid": "75417ed2-a523-4b52-9a97-3ee08687e8d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49136", "type": "seen", "source": "https://gist.github.com/alon710/128173bdf7a72d5dd0cfdf8f4e2ec93f", "content": "", "creation_timestamp": "2026-01-24T21:30:40.000000Z"}, {"uuid": "ad7ad3a4-d95f-45c5-b5e0-a3bb00722856", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4913", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpja7zma4c2w", "content": "", "creation_timestamp": "2025-05-19T09:13:41.076805Z"}, {"uuid": "e31465f6-3c0a-477e-82fc-5763187fb626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lryy2wn5el2q", "content": "", "creation_timestamp": "2025-06-20T02:20:35.305825Z"}, {"uuid": "12f11ee2-600a-4fec-95a4-af5a90ddb79b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49134", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrr5bwx6ws2m", "content": "", "creation_timestamp": "2025-06-16T23:32:40.979458Z"}, {"uuid": "a7ab786a-89f7-4112-bf04-39e2139ee9f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49135", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsh2sek2me2s", "content": "", "creation_timestamp": "2025-06-25T16:46:45.057560Z"}, {"uuid": "12b23322-1de4-460b-ad2c-cbdf3ab07294", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49136", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lr762ttnys2e", "content": "", "creation_timestamp": "2025-06-09T19:58:41.177022Z"}, {"uuid": "b3444f27-80f9-4a97-9a0f-cf75ca822115", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49139", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lr7jjqz7562e", "content": "", "creation_timestamp": "2025-06-09T23:23:52.767920Z"}, {"uuid": "409ecf0a-c3af-44fd-aecc-b253a75f05a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49138", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lr7lqdpkxs2a", "content": "", "creation_timestamp": "2025-06-10T00:03:21.234711Z"}, {"uuid": "36c023d5-ac3c-4895-8909-de6d7550200f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ls5wby6yek25", "content": "", "creation_timestamp": "2025-06-22T01:32:03.538429Z"}, {"uuid": "3337b0c7-1fb5-4623-b944-d627a8a6a2b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "https://bsky.app/profile/ryan.staticnoi.se/post/3lrxycurark2g", "content": "", "creation_timestamp": "2025-06-19T16:52:25.309418Z"}, {"uuid": "b3b5d85b-2da6-4c15-8568-d4ab03ecdd47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "https://bsky.app/profile/ryan.staticnoi.se/post/3lrxycwhe7s2g", "content": "", "creation_timestamp": "2025-06-19T16:52:25.858146Z"}, {"uuid": "2fcd6acc-5dee-41ed-9237-fca882cb8e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49136", "type": "seen", "source": "https://gist.github.com/alon710/2aeb9181d822da66f0341f802419d7a7", "content": "", "creation_timestamp": "2026-01-24T21:30:38.000000Z"}, {"uuid": "58a656c5-4bfb-478a-b9ea-42323aee0cf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49136", "type": "seen", "source": "https://gist.github.com/alon710/75bd805fd5fae660ad9e3111584de4d0", "content": "", "creation_timestamp": "2026-01-24T22:42:40.000000Z"}, {"uuid": "847f173c-f3b0-4616-b693-9f1fbcd2a91a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/89WmP_gC2SHosMsiUrRK7pT8KuQvaqUcBa2DausPuvIklXc", "content": "", "creation_timestamp": "2025-07-04T15:00:11.000000Z"}, {"uuid": "f4cdbf95-aaab-4bfc-8509-cbd8e8b1baf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/zjpS5O5pgCt8maWAaOuHWxccKj7wUs1tT4M9oy_Y1o38DLE", "content": "", "creation_timestamp": "2025-07-04T09:00:05.000000Z"}, {"uuid": "7d69869e-e342-4d87-b5bd-ad483023a931", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/sIKwSeNUpe7JNZeJNh_vlAgf4HoS_EvEcDsmJEUgRhpauHM", "content": "", "creation_timestamp": "2025-06-25T07:00:06.000000Z"}, {"uuid": "1aa0ba40-0603-417c-bb5f-3985bbf768c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/pUfnhaLV4iQSz5wNjxln12A4BK4d06xT0RCTqD4hn9oNJp0", "content": "", "creation_timestamp": "2025-06-25T03:00:05.000000Z"}, {"uuid": "6ecf7840-72ee-454d-8474-30a372e7ee18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/INbhvu6suw58y9HrUal3G_Q-Sx3WcR9t4iYviK9OyeuUsQE", "content": "", "creation_timestamp": "2025-06-25T21:00:04.000000Z"}, {"uuid": "de3e86ff-098f-45a2-a4b3-4059a2efc89c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "published-proof-of-concept", "source": "Telegram/19EMVZIHpcnMlAoFeCqFg_0vg5TINRuzyp1l3_kYKW1wZpE", "content": "", "creation_timestamp": "2025-06-22T21:00:05.000000Z"}, {"uuid": "4fc82c8a-2eaf-4738-8af3-ecf6e9bfeb15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114716930881228437", "content": "", "creation_timestamp": "2025-06-20T17:44:10.828750Z"}, {"uuid": "57840bc8-e0b3-4cdc-9df2-22dce2c2df83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "https://gist.github.com/Dann0010/e98cde759f5f74b5f8c24599a6001d99", "content": "", "creation_timestamp": "2025-06-21T16:03:53.000000Z"}, {"uuid": "d9d905a7-2c4f-443e-b99c-2719ea41eb77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "https://bsky.app/profile/ntkramer.bsky.social/post/3lu4fconj6f25", "content": "", "creation_timestamp": "2025-07-16T21:45:55.973694Z"}, {"uuid": "ee611c67-664c-432e-a539-5026e5c25585", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "https://bsky.app/profile/ntkramer.bsky.social/post/3lu4fcthb542a", "content": "", "creation_timestamp": "2025-07-16T21:46:01.063824Z"}, {"uuid": "3ca410a4-4a95-4da8-9d76-39491b071c5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-49132", "type": "seen", "source": "https://infosec.exchange/users/ntkramer/statuses/114865100482587912", "content": "", "creation_timestamp": "2025-07-16T21:46:49.141184Z"}]}