{"vulnerability": "CVE-2025-2440", "sightings": [{"uuid": "979f1e91-f140-4a42-bdcf-aa9347a5bf09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24400", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdumuzhts2p", "content": "", "creation_timestamp": "2025-01-22T17:15:59.734992Z"}, {"uuid": "e5cd077e-2bbe-43be-8cdb-0db64a470c9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24401", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdumxrnhc2r", "content": "", "creation_timestamp": "2025-01-22T17:16:02.666046Z"}, {"uuid": "b55d6548-de1f-4f93-b5a8-82d943afd3b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24402", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdun2kurk2w", "content": "", "creation_timestamp": "2025-01-22T17:16:05.587062Z"}, {"uuid": "971fa930-bb2f-4896-b8d8-2943cc293d2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24403", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdun5c5g72f", "content": "", "creation_timestamp": "2025-01-22T17:16:08.524808Z"}, {"uuid": "9b1a1f35-da66-4a00-b182-f74a6c5b0a8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24400", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113873287621870613", "content": "", "creation_timestamp": "2025-01-22T17:54:36.464642Z"}, {"uuid": "33943d91-5296-44ab-8745-a9701b413240", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24401", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113873287621870613", "content": "", "creation_timestamp": "2025-01-22T17:54:36.510175Z"}, {"uuid": "f7f38110-3394-4b13-b98f-3e001c522713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24402", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113873287621870613", "content": "", "creation_timestamp": "2025-01-22T17:54:36.558029Z"}, {"uuid": "b519fcc9-ba52-4c95-bbab-180cfaf74081", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24403", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113873287621870613", "content": "", "creation_timestamp": "2025-01-22T17:54:36.602290Z"}, {"uuid": "f07416ae-4c00-46f8-b8f1-6389be50bd69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24403", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lge5j5o4cy2e", "content": "", "creation_timestamp": "2025-01-22T19:54:58.419691Z"}, {"uuid": "682150d6-dd60-42e6-90d0-76280b95f12f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24402", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lge5j65xnq2w", "content": "", "creation_timestamp": "2025-01-22T19:55:00.175325Z"}, {"uuid": "7815d322-7bfa-478b-a732-a284a317ddc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24400", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lge5j6huy52h", "content": "", "creation_timestamp": "2025-01-22T19:55:01.949204Z"}, {"uuid": "157861e2-f2fb-47e2-8473-1b406592e5d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24401", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lge5j747ac2y", "content": "", "creation_timestamp": "2025-01-22T19:55:05.468716Z"}, {"uuid": "459acf8a-486f-4b85-8d36-979636faa20a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24406", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhwbhqfutj2z", "content": "", "creation_timestamp": "2025-02-11T18:18:53.020313Z"}, {"uuid": "9ac8bd1d-2514-4c3e-a028-cea2dadb37b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24409", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113986746085453901", "content": "", "creation_timestamp": "2025-02-11T18:48:36.522669Z"}, {"uuid": "3e87e139-294f-4e4e-8047-cc259b91bc33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24409", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhwkgtjor72t", "content": "", "creation_timestamp": "2025-02-11T20:59:29.260296Z"}, {"uuid": "778589f7-cd07-4595-a617-0f7aef1b236c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24407", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhwbhsr24u2g", "content": "", "creation_timestamp": "2025-02-11T18:18:55.145414Z"}, {"uuid": "d1c2d086-0103-4be9-8965-6da550c70777", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24408", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhwbhvcy3x2x", "content": "", "creation_timestamp": "2025-02-11T18:18:57.982184Z"}, {"uuid": "4dd11383-2d86-40ec-9187-5223ea09d25a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24409", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhwbhxmbsh2x", "content": "", "creation_timestamp": "2025-02-11T18:19:00.274490Z"}, {"uuid": "54cea4d9-7f1e-49e3-81e2-043c880d1782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2440", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-107-01", "content": "", "creation_timestamp": "2025-04-17T10:00:00.000000Z"}, {"uuid": "03d35266-940a-480f-aa9a-f4e654ba2d3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24404", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/152", "content": "", "creation_timestamp": "2025-09-06T14:14:55.000000Z"}, {"uuid": "90d71fac-26d6-4813-8649-0fb700e48fef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24404", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ly6mlrjpms2i", "content": "", "creation_timestamp": "2025-09-06T16:42:23.232548Z"}, {"uuid": "5d98cdf6-1986-49fa-b459-c1f3c9569616", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24404", "type": "seen", "source": "https://gist.github.com/Darkcrai86/1ad7f8c45bb531c1ae805895f2ae7e9e", "content": "", "creation_timestamp": "2025-09-09T10:07:17.000000Z"}, {"uuid": "45202b97-e845-41e9-b096-cdb9f9cb49c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24404", "type": "seen", "source": "https://gist.github.com/Darkcrai86/c30e2483b027a71d43651ef8a687f417", "content": "", "creation_timestamp": "2025-09-09T11:03:53.000000Z"}, {"uuid": "635ae7e8-962d-4a85-9701-02be89f41716", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24403", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2743", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24403\n\ud83d\udd39 Description: A missing permission check in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of Azure credentials stored in Jenkins.\n\ud83d\udccf Published: 2025-01-22T17:02:55.460Z\n\ud83d\udccf Modified: 2025-01-23T15:58:42.139Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-01-22/#SECURITY-3094", "creation_timestamp": "2025-01-23T16:02:44.000000Z"}, {"uuid": "e46bbfea-ecf5-4cb7-8650-e970cbad131a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24402", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2741", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24402\n\ud83d\udd39 Description: A cross-site request forgery (CSRF) vulnerability in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers to connect to a Service Fabric URL using attacker-specified credentials IDs obtained through another method.\n\ud83d\udccf Published: 2025-01-22T17:02:54.831Z\n\ud83d\udccf Modified: 2025-01-23T15:59:57.502Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-01-22/#SECURITY-3094", "creation_timestamp": "2025-01-23T16:02:42.000000Z"}, {"uuid": "26f57557-c2bb-45c4-994e-6ce32c025e44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24400", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2740", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24400\n\ud83d\udd39 Description: Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 (both inclusive) uses the credential ID as the cache key during signing operations, allowing attackers able to create a credential with the same ID as a legitimate one in a different credentials store to sign an event published to RabbitMQ with the legitimate credentials.\n\ud83d\udccf Published: 2025-01-22T17:02:53.578Z\n\ud83d\udccf Modified: 2025-01-23T14:43:52.560Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-01-22/#SECURITY-3485", "creation_timestamp": "2025-01-23T15:03:02.000000Z"}, {"uuid": "2d0c7c40-dce2-4cd7-b88a-a5738c68fa41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2440", "type": "seen", "source": "https://t.me/cvedetector/22554", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2440 - Qualcomm Snapdragon Secure Insecure Storage of Sensitive Information\", \n  \"Content\": \"CVE ID : CVE-2025-2440 \nPublished : April 9, 2025, 11:15 a.m. | 50\u00a0minutes ago \nDescription : CWE-922: Insecure Storage of Sensitive Information vulnerability exists that could potentially lead to unauthorized  \naccess of confidential data when a malicious user, having physical access and advanced information on the file  \nsystem, sets the radio in factory default mode. \nSeverity: 4.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-09T14:15:54.000000Z"}, {"uuid": "227d926f-9ff8-44dd-af16-919a4820043e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2440", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11039", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2440\n\ud83d\udd25 CVSS Score: 4.1 (cvssV4_0, Vector: CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: CWE-922: Insecure Storage of Sensitive Information vulnerability exists that could potentially lead to unauthorized\naccess of confidential data when a malicious user, having physical access and advanced information on the file\nsystem, sets the radio in factory default mode.\n\ud83d\udccf Published: 2025-04-09T10:20:57.073Z\n\ud83d\udccf Modified: 2025-04-09T10:20:57.073Z\n\ud83d\udd17 References:\n1. https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-098-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-098-02.pdf", "creation_timestamp": "2025-04-09T10:47:56.000000Z"}, {"uuid": "a1674acd-6fb9-4af0-9caf-893d322dc758", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24403", "type": "seen", "source": "https://t.me/cvedetector/16125", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24403 - Jenkins Azure Service Fabric Plugin Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24403 \nPublished : Jan. 22, 2025, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A missing permission check in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of Azure credentials stored in Jenkins. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T18:54:29.000000Z"}, {"uuid": "35de3606-fe5a-4bcd-a7f6-4167ef0463d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24400", "type": "seen", "source": "https://t.me/cvedetector/16131", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24400 - Jenkins Eiffel Broadcaster Plugin Sign Forgery\", \n  \"Content\": \"CVE ID : CVE-2025-24400 \nPublished : Jan. 22, 2025, 5:15 p.m. | 36\u00a0minutes ago \nDescription : Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 (both inclusive) uses the credential ID as the cache key during signing operations, allowing attackers able to create a credential with the same ID as a legitimate one in a different credentials store to sign an event published to RabbitMQ with the legitimate credentials. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T18:54:36.000000Z"}, {"uuid": "d4485a48-4b9d-4df8-833f-d1f43fa892de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24402", "type": "seen", "source": "https://t.me/cvedetector/16124", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24402 - Jenkins Azure Service Fabric Plugin CSRF Classified Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-24402 \nPublished : Jan. 22, 2025, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A cross-site request forgery (CSRF) vulnerability in Jenkins Azure Service Fabric Plugin 1.6 and earlier allows attackers to connect to a Service Fabric URL using attacker-specified credentials IDs obtained through another method. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T18:54:28.000000Z"}, {"uuid": "a83df464-6430-44c1-ab72-7a2b49ec9b00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24401", "type": "seen", "source": "https://t.me/cvedetector/16123", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24401 - Jenkins Folder-based Authorization Strategy Plugin Permission Enforcement Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24401 \nPublished : Jan. 22, 2025, 5:15 p.m. | 36\u00a0minutes ago \nDescription : Jenkins Folder-based Authorization Strategy Plugin 217.vd5b_18537403e and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted (typically optional permissions, like Overall/Manage) to access functionality they're no longer entitled to. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T18:54:27.000000Z"}]}