{"vulnerability": "CVE-2025-2632", "sightings": [{"uuid": "0dd94d60-9e0a-416d-bace-48584578782f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2632", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-06", "content": "", "creation_timestamp": "2025-04-15T10:00:00.000000Z"}, {"uuid": "3ebdd3b4-f2a6-49e2-8c74-2ceb8df65a11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26325", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114083241530307149", "content": "", "creation_timestamp": "2025-02-28T19:49:12.290848Z"}, {"uuid": "e2c891ee-2b08-4486-9819-5593092c58d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26325", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lj7cctuxwh27", "content": "", "creation_timestamp": "2025-02-28T01:53:13.409889Z"}, {"uuid": "8d552408-bdb2-4814-8d33-82625050fab0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2632", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmg5uwhf7p2i", "content": "", "creation_timestamp": "2025-04-09T23:38:07.862254Z"}, {"uuid": "ce06d105-79db-45e3-9e3b-a8f118bbc0b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26325", "type": "seen", "source": "https://t.me/cvedetector/19098", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26325 - ShopXO File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-26325 \nPublished : Feb. 27, 2025, 10:15 p.m. | 1\u00a0hour, 31\u00a0minutes ago \nDescription : ShopXO 6.4.0 is vulnerable to File Upload in ThemeDataService.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-28T01:08:13.000000Z"}, {"uuid": "118952ec-5ecd-4aad-9b6b-cdec2e695b73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26320", "type": "seen", "source": "https://t.me/cvedetector/19515", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26320 - BroadlinkManager OS Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-26320 \nPublished : March 4, 2025, 4:15 p.m. | 28\u00a0minutes ago \nDescription : t0mer BroadlinkManager v5.9.1 was discovered to contain an OS command injection vulnerability via the IP Address parameter at /device/ping. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-04T18:21:14.000000Z"}, {"uuid": "bc4ea979-2a15-479e-bd34-b706fa81f5dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26326", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5908", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26326\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A vulnerability in the remote connection complements of the NVDA (Nonvisual Desktop Access) 2024.4.1 and 2024.4.2 was identified, which allows an attacker to obtain total control of the remote system when guessing a weak password. The problem occurs because the complements accept any password typed by the user and do not have an additional authentication or checking mechanism by the computer that will be accessed. Tests indicate that over 1,000 systems use easy to guess passwords, many with less than 4 to 6 characters, including common sequences. This enables brute strength or attempt and error attacks on the part of malicious invaders. Vulnerability can be explored by a remote striker who knows or can guess the password used in the connection. As a result, the invader gets complete access to the affected system and can run commands, modify files and compromise user security.\n\ud83d\udccf Published: 2025-02-28T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-28T15:01:48.196Z\n\ud83d\udd17 References:\n1. https://www.nvaccess.org\n2. https://github.com/azurejoga/CVE-2025-26326", "creation_timestamp": "2025-02-28T15:26:37.000000Z"}, {"uuid": "72f06fca-9243-4fa7-8d20-6cd2c6fe7b9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26326", "type": "seen", "source": "https://t.me/cvedetector/19156", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26326 - NVDA Remote Password Guessing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-26326 \nPublished : Feb. 28, 2025, 3:15 p.m. | 1\u00a0hour, 5\u00a0minutes ago \nDescription : A vulnerability in the remote connection complements of the NVDA (Nonvisual Desktop Access) 2024.4.1 and 2024.4.2 was identified, which allows an attacker to obtain total control of the remote system when guessing a weak password. The problem occurs because the complements accept any password typed by the user and do not have an additional authentication or checking mechanism by the computer that will be accessed. Tests indicate that over 1,000 systems use easy to guess passwords, many with less than 4 to 6 characters, including common sequences. This enables brute strength or attempt and error attacks on the part of malicious invaders. Vulnerability can be explored by a remote striker who knows or can guess the password used in the connection. As a result, the invader gets complete access to the affected system and can run commands, modify files and compromise user security. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-28T17:51:53.000000Z"}, {"uuid": "855e9dcc-bb5c-40e1-b354-b75362cd6267", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2632", "type": "seen", "source": "https://t.me/cvedetector/22600", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2632 - NI LabVIEW CPU Info Disclosure and Code Execution\", \n  \"Content\": \"CVE ID : CVE-2025-2632 \nPublished : April 9, 2025, 8:15 p.m. | 24\u00a0minutes ago \nDescription : Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution.  Successful exploitation requires an attacker to get a user to open a specially crafted VI.  This vulnerability affects NI LabVIEW 2025 Q1 and prior versions. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-09T23:28:16.000000Z"}, {"uuid": "9d6be681-4f7e-44a6-88e1-5068dcaebfed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2632", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11144", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2632\n\ud83d\udd25 CVSS Score: 8.5 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution.  Successful exploitation requires an attacker to get a user to open a specially crafted VI.  This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.\n\ud83d\udccf Published: 2025-04-09T19:14:00.977Z\n\ud83d\udccf Modified: 2025-04-09T19:32:06.295Z\n\ud83d\udd17 References:\n1. https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-write-vulnerabilities-in-ni-labview.html", "creation_timestamp": "2025-04-09T19:48:19.000000Z"}, {"uuid": "340a3e1e-083d-4e80-8179-07203404ca50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26326", "type": "seen", "source": "Telegram/BZZo7fHhc4sibpFYJsetXrUL4klzncFZwgojPzsVEGkKU5y8", "content": "", "creation_timestamp": "2025-03-02T11:45:37.000000Z"}, {"uuid": "c22f0568-a109-440e-95f3-42e71f354c5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26325", "type": "seen", "source": "Telegram/-gceKsSLA3nVuO-jPMQuo_9P8uLgaQ8EVsTMTg0YWWoyuwUv", "content": "", "creation_timestamp": "2025-03-02T11:44:21.000000Z"}, {"uuid": "7677831b-d802-49ef-807f-5e782ea91da7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26325", "type": "seen", "source": "Telegram/1nf7plIsYDMW_jBizcBfSZZq4bEZJKud0iHUlkZ5t0r-p4xh", "content": "", "creation_timestamp": "2025-03-02T11:45:38.000000Z"}, {"uuid": "2fd669d6-3317-4009-8138-e3d2ae089aa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26326", "type": "published-proof-of-concept", "source": "Telegram/_kh4tpIJE3G1VDWw4P0GDOp7p10EZ4KOR9ZpNtd1C2-cicY", "content": "", "creation_timestamp": "2025-02-26T04:00:07.000000Z"}]}