{"vulnerability": "CVE-2025-24446", "sightings": [{"uuid": "445520f9-3d8c-422a-8dd9-08a96fdd15ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24446", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmdftvwoas2z", "content": "", "creation_timestamp": "2025-04-08T21:22:41.997667Z"}, {"uuid": "999a1e39-56e4-4657-9b11-1306dc3204f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24446", "type": "seen", "source": "https://thehackernews.com/2025/04/adobe-patches-11-critical-coldfusion.html", "content": "", "creation_timestamp": "2025-04-09T01:12:00.000000Z"}, {"uuid": "8e199658-1597-4cb8-9430-25fe36faf32a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24446", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lmdgtgtcw32c", "content": "", "creation_timestamp": "2025-04-08T21:40:18.037818Z"}, {"uuid": "951161de-fdc8-45ab-8996-fc146a0cdbaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24446", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114304544059452346", "content": "", "creation_timestamp": "2025-04-08T21:48:47.373346Z"}, {"uuid": "d3877939-3b3d-492f-b648-75c6f8415cec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24446", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmhnfgmpu22y", "content": "", "creation_timestamp": "2025-04-10T13:48:23.095340Z"}, {"uuid": "ea771671-cf88-4bc6-9eea-950a4d69a368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24446", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-09-10T07:00:39.000000Z"}, {"uuid": "b53a0862-6b69-4935-8b48-017141ce2127", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24446", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-08-09T17:25:37.000000Z"}, {"uuid": "1162f053-133e-4860-ae39-88e493af571d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24446", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12520", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24446\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution. Exploitation of this issue does not require user interaction, but admin panel privileges are required, and scope is changed.\n\ud83d\udccf Published: 2025-04-08T20:02:54.121Z\n\ud83d\udccf Modified: 2025-04-18T17:16:43.828Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/coldfusion/apsb25-15.html", "creation_timestamp": "2025-04-18T17:59:51.000000Z"}, {"uuid": "29a5c33f-3526-4894-8402-8014f0bfb33c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24446", "type": "seen", "source": "https://t.me/cvedetector/22531", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24446 - ColdFusion Arbitrary Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24446 \nPublished : April 8, 2025, 8:15 p.m. | 1\u00a0hour, 20\u00a0minutes ago \nDescription : ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-09T00:03:05.000000Z"}, {"uuid": "528bc8a4-15e8-4017-9e5a-7aa5cf3d5cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24446", "type": "seen", "source": "Telegram/DmYePYeeUyuYEAJCJE3ga3DCof0rIvarD9ftsp4v-ug6Qw", "content": "", "creation_timestamp": "2025-04-09T06:05:02.000000Z"}, {"uuid": "6bc8871d-c35a-4a05-b783-035ec6292d07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24446", "type": "seen", "source": "https://t.me/thehackernews/6633", "content": "\ud83d\udea8 Critical alert: 30 new security flaws found in Adobe ColdFusion\u201411 rated Critical.\n\n\u26a1 Top threats: arbitrary code execution, file system read, security bypass.\n\nCVE-2025-24446 | CVSS 9.1\nCVE-2025-24447 | CVSS 9.1\nCVE-2025-30281 | CVSS 9.1\n(and more)\n\n No active exploits yet\u2014but don\u2019t wait.\n\n\ud83d\udd17 Update now or risk being the next headline: https://thehackernews.com/2025/04/adobe-patches-11-critical-coldfusion.html", "creation_timestamp": "2025-04-09T05:15:22.000000Z"}]}