{"vulnerability": "CVE-2025-2285", "sightings": [{"uuid": "3a4dc424-7c99-441b-a67f-d3f39ff544f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22855", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmcygex44e2v", "content": "", "creation_timestamp": "2025-04-08T17:22:29.711384Z"}, {"uuid": "eb8f3141-0e80-499b-8607-2838b458bfea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2285", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-07", "content": "", "creation_timestamp": "2025-04-10T10:00:00.000000Z"}, {"uuid": "7a292b90-5ba9-49ae-8763-88c39f469e25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22859", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp2rm4mmsxr2", "content": "", "creation_timestamp": "2025-05-13T15:31:08.148002Z"}, {"uuid": "fcbb4de8-8a2b-48f9-a9ab-30587a4a290a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2285", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114308189037550499", "content": "", "creation_timestamp": "2025-04-09T13:15:45.541880Z"}, {"uuid": "50f03006-7ad0-49b2-81cd-8b7aa8bf8878", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22854", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18380", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22854\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/S:P/AU:Y/R:A/RE:M/U:Red)\n\ud83d\udd39 Description: Improper handling of non-200 http responses in\u00a0the PingFederate Google Adapter\u00a0leads to thread exhaustion under normal usage conditions.\n\ud83d\udccf Published: 2025-06-15T15:00:06.010Z\n\ud83d\udccf Modified: 2025-06-15T15:00:06.010Z\n\ud83d\udd17 References:\n1. https://www.pingidentity.com/en/resources/downloads/pingfederate.html\n2. https://docs.pingidentity.com/integrations/google/google_login_integration_kit/pf_google_cic_changelog.html", "creation_timestamp": "2025-06-15T15:39:36.000000Z"}, {"uuid": "0990e777-5dee-4922-ae66-536dc8d99666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2285", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10930", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2285\n\ud83d\udd25 CVSS Score: 8.5 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A local code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae \u00a0due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data.  If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file.\n\ud83d\udccf Published: 2025-04-08T15:15:11.249Z\n\ud83d\udccf Modified: 2025-04-08T15:37:13.536Z\n\ud83d\udd17 References:\n1. https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html", "creation_timestamp": "2025-04-08T15:47:04.000000Z"}, {"uuid": "9ff5b208-599f-41d9-b416-ae61e41d0b95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22859", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16140", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22859\n\ud83d\udd25 CVSS Score: 5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C)\n\ud83d\udd39 Description: A\u00a0Relative Path Traversal vulnerability [CWE-23] in FortiClientEMS 7.4.0 through 7.4.1 and FortiClientEMS Cloud 7.4.0 through 7.4.1 may allow a remote unauthenticated attacker to perform a limited arbitrary file write on the system via upload requests.\n\ud83d\udccf Published: 2025-05-13T14:46:42.743Z\n\ud83d\udccf Modified: 2025-05-13T15:17:40.699Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-552", "creation_timestamp": "2025-05-13T15:31:13.000000Z"}, {"uuid": "c336a15f-0ceb-4b40-b4c5-c057ca3294ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22855", "type": "seen", "source": "https://t.me/cvedetector/22465", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22855 - Fortinet FortiClient Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-22855 \nPublished : April 8, 2025, 2:15 p.m. | 1\u00a0hour, 12\u00a0minutes ago \nDescription : An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Fortinet FortiClient before 7.4.1 may allow the EMS administrator to send messages containing javascript code. \nSeverity: 2.7 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T18:10:59.000000Z"}, {"uuid": "bec53e6b-a66e-4c3a-a5a0-56c9e6247e12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22851", "type": "seen", "source": "https://t.me/cvedetector/22248", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22851 - OpenHarmony Integer Overflow Arbitrary Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22851 \nPublished : April 7, 2025, 3:15 a.m. | 1\u00a0hour, 8\u00a0minutes ago \nDescription : in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-07T07:01:26.000000Z"}]}