{"uuid": "f5bc963a-5139-44af-bbea-641e7169b2bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-59287", "type": "seen", "source": "https://t.me/P0x3k_1N73LL1G3NC3/184", "content": "CVE-2025-59287\n\nWSUS Unauthenticated RCE. This vulnerability arises from the unsafe deserialization of AuthorizationCookie objects sent to the GetCookie() endpoint, where encrypted cookie data is decrypted using AES-128-CBC and subsequently deserialized through BinaryFormatter without proper type validation, enabling remote code execution with SYSTEM privileges.", "creation_timestamp": "2025-10-27T15:51:23.000000Z"}