{"vulnerability": "CVE-2025-2753", "sightings": [{"uuid": "046b7140-fc86-401b-b3c7-2162f9a4caae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2753", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll747q4mrp2x", "content": "", "creation_timestamp": "2025-03-25T10:54:31.559265Z"}, {"uuid": "c00544a2-1428-4839-baec-2e41ce547d92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27539", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-383/", "content": "", "creation_timestamp": "2025-06-16T03:00:00.000000Z"}, {"uuid": "fb5b81fd-1939-4b8a-9e6f-43df1fe6bf5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27531", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lj7kruepf32q", "content": "", "creation_timestamp": "2025-02-28T04:24:45.471521Z"}, {"uuid": "5d827169-e175-488e-9a69-850c8065263f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27538", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmwfur454s2q", "content": "", "creation_timestamp": "2025-04-16T10:43:44.160767Z"}, {"uuid": "b38f7f86-904a-4240-b32e-b65246bed972", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27539", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-01", "content": "", "creation_timestamp": "2025-04-22T10:00:00.000000Z"}, {"uuid": "97f1701b-f0c8-4ef0-9f25-f0a0dbe76ac0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27533", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114466527798008796", "content": "", "creation_timestamp": "2025-05-07T12:23:22.987862Z"}, {"uuid": "8d8b48ea-45f0-4909-9053-f6d7be65893b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27532", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo25ta434e2l", "content": "", "creation_timestamp": "2025-04-30T15:55:32.454067Z"}, {"uuid": "fb49ebe2-93fa-4eb0-a452-edd4f588d4a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27531", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114637169259974567", "content": "", "creation_timestamp": "2025-06-06T15:39:45.212647Z"}, {"uuid": "b6d9b3fa-4b67-4554-97b7-2a884ec88144", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27533", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lolaamhepr52", "content": "", "creation_timestamp": "2025-05-07T12:23:32.026500Z"}, {"uuid": "19f18d62-b3b2-47dc-a55a-1006ff6e84c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27533", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3loni5pueym2j", "content": "", "creation_timestamp": "2025-05-08T08:20:56.728849Z"}, {"uuid": "a37f60cd-f6d7-418d-a8eb-3dd272b97275", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27533", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lojb73h7i62v", "content": "", "creation_timestamp": "2025-05-06T16:05:47.125173Z"}, {"uuid": "9f1d0b6a-3e98-4644-a606-5a2715a06ce4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27533", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q2/105", "content": "", "creation_timestamp": "2025-05-06T13:39:27.000000Z"}, {"uuid": "70dda158-0c8b-422a-8216-fab1affd5f6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27533", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lowe3u7klc2w", "content": "", "creation_timestamp": "2025-05-11T21:02:18.898995Z"}, {"uuid": "5788efdd-c607-46b4-a54a-dd7ff6f47a49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27533", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3loqkfpw5rp2o", "content": "", "creation_timestamp": "2025-05-09T13:39:12.431861Z"}, {"uuid": "f7359e17-cff9-403b-99fe-bb649824b62f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27533", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lonw6ea6dn23", "content": "", "creation_timestamp": "2025-05-08T12:31:53.776898Z"}, {"uuid": "3569a3b6-0643-40a4-ae54-0d3c78d8ba89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27532", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114692656897305175", "content": "", "creation_timestamp": "2025-06-16T10:50:59.963782Z"}, {"uuid": "f53be3d4-3c27-497d-bae6-20b687d14a4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27533", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lottmvrbgk2y", "content": "", "creation_timestamp": "2025-05-10T21:02:17.665682Z"}, {"uuid": "567422f7-d287-41ce-a1f9-398e9925ac1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27533", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3loy3uquqi226", "content": "", "creation_timestamp": "2025-05-12T13:40:30.764535Z"}, {"uuid": "0fedf479-e5b7-4c79-b4ec-605a73bfde2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27533", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3loy3urvs3s26", "content": "", "creation_timestamp": "2025-05-12T13:40:31.302381Z"}, {"uuid": "dcc50341-67d9-4df7-b03b-7dd69758ce29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27532", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lrpsqczhca52", "content": "", "creation_timestamp": "2025-06-16T10:51:22.732496Z"}, {"uuid": "e4812ac0-8a3f-441d-adc2-c100a18c7ba4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27533", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15288", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27533\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/AU:Y/R:A/V:D/RE:M/U:Red)\n\ud83d\udd39 Description: Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ.\n\nDuring unmarshalling of OpenWire commands the size value of buffers was not properly validated which could lead to excessive memory allocation and be exploited to cause a denial of service (DoS) by depleting process memory, thereby affecting applications and services that rely on the availability of the ActiveMQ broker when not using mutual TLS connections.\nThis issue affects Apache ActiveMQ: from 6.0.0 before 6.1.6, from 5.18.0 before 5.18.7, from 5.17.0 before 5.17.7, before 5.16.8. ActiveMQ 5.19.0 is not affected.\n\nUsers are recommended to upgrade to version 6.1.6+, 5.19.0+,  5.18.7+, 5.17.7, or 5.16.8 or which fixes the issue.\n\nExisting users may implement mutual TLS to mitigate the risk on affected brokers.\n\ud83d\udccf Published: 2025-05-07T08:59:00.249Z\n\ud83d\udccf Modified: 2025-05-07T09:04:12.173Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/8hcm25vf7mchg4zbbhnlx2lc5bs705hg", "creation_timestamp": "2025-05-07T09:23:35.000000Z"}, {"uuid": "007afd89-c2d2-4b51-9227-9f658cf486eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27532", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14009", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27532\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: A vulnerability in the \u201cBackup & Restore\u201d functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to access secret information via multiple crafted HTTP requests.\n\ud83d\udccf Published: 2025-04-30T11:49:02.687Z\n\ud83d\udccf Modified: 2025-04-30T11:49:02.687Z\n\ud83d\udd17 References:\n1. https://psirt.bosch.com/security-advisories/BOSCH-SA-640452.html", "creation_timestamp": "2025-04-30T12:12:42.000000Z"}, {"uuid": "ab51b8f2-6caa-4a04-9d12-8524b4454f3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2753", "type": "seen", "source": "MISP/3e4b778d-5810-4171-a915-f1d106684af4", "content": "", "creation_timestamp": "2025-08-11T18:27:48.000000Z"}, {"uuid": "d1557e1b-5318-4ab8-93ad-bec43b9113dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-27533", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875", "content": "", "creation_timestamp": "2026-01-21T21:18:16.771453Z"}, {"uuid": "c317e1f5-6a01-48db-af63-64ae2bc6f27d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2753", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8630", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2753\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as critical. Affected is the function SceneCombiner::MergeScenes of the file code/AssetLib/LWS/LWSLoader.cpp of the component LWS File Handler. The manipulation leads to out-of-bounds read. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-25T08:31:04.517Z\n\ud83d\udccf Modified: 2025-03-25T08:31:04.517Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.300858\n2. https://vuldb.com/?ctiid.300858\n3. https://vuldb.com/?submit.517787\n4. https://github.com/assimp/assimp/issues/6014\n5. https://github.com/assimp/assimp/issues/6014#issue-2877372462", "creation_timestamp": "2025-03-25T09:24:17.000000Z"}, {"uuid": "5e61e459-de46-48cb-bf7a-92a441c24318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27533", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/36093", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aexploit for CVE-2025-27533, a Denial of Service (DoS) vulnerability in Apache ActiveMQ\nURL\uff1ahttps://github.com/absholi7ly/CVE-2025-27533-Exploit-for-Apache-ActiveMQ\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-05-09T02:47:54.000000Z"}, {"uuid": "205097fa-0e25-4479-9169-d47fe1f5d3fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27538", "type": "seen", "source": "https://t.me/cvedetector/23057", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27538 - Mattermost MFA Enforcement Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27538 \nPublished : April 16, 2025, 8:15 a.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : Mattermost versions 10.5.x <=<=\nSeverity: 2.2 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T11:50:53.000000Z"}, {"uuid": "e82fd9f5-89c0-4314-aaeb-c3b1895afff6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27532", "type": "seen", "source": "https://t.me/cvedetector/24095", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27532 - \"ctrlX OS Web Application Backup & Restore Authentication Bypass\"\", \n  \"Content\": \"CVE ID : CVE-2025-27532 \nPublished : April 30, 2025, 12:15 p.m. | 1\u00a0hour, 28\u00a0minutes ago \nDescription : A vulnerability in the \u201cBackup & Restore\u201d functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to access secret information via multiple crafted HTTP requests. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-30T16:14:34.000000Z"}, {"uuid": "7b209945-f95d-485c-a7b8-29c675398ab4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27534", "type": "seen", "source": "https://t.me/cvedetector/22243", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27534 - OpenHarmony Memory Leak DOS\", \n  \"Content\": \"CVE ID : CVE-2025-27534 \nPublished : April 7, 2025, 3:15 a.m. | 1\u00a0hour, 8\u00a0minutes ago \nDescription : in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-07T07:01:20.000000Z"}, {"uuid": "172dda24-f841-465e-be4b-4202e777e3d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2753", "type": "seen", "source": "https://t.me/cvedetector/21072", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2753 - Assimp LWS File Handler Out-of-Bounds Read Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2753 \nPublished : March 25, 2025, 9:15 a.m. | 33\u00a0minutes ago \nDescription : A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as critical. Affected is the function SceneCombiner::MergeScenes of the file code/AssetLib/LWS/LWSLoader.cpp of the component LWS File Handler. The manipulation leads to out-of-bounds read. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T11:07:58.000000Z"}, {"uuid": "767da35a-9a70-4f21-945a-ec84af66fd45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2753", "type": "published-proof-of-concept", "source": "Telegram/d874YtfjRzSeJrj5ty8uatKWcKwQKjZYN7PQfn6_9YdZXOI", "content": "", "creation_timestamp": "2025-03-25T10:01:07.000000Z"}, {"uuid": "a6aedf9d-9c35-43dd-8f00-e5c9d62f6161", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27533", "type": "seen", "source": "https://t.me/cvedetector/24689", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27533 - Apache ActiveMQ Memory Allocation with Excessive Size Value Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2025-27533 \nPublished : May 7, 2025, 9:15 a.m. | 1\u00a0hour, 14\u00a0minutes ago \nDescription : Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ.  \n  \nDuring unmarshalling of OpenWire commands the size value of buffers was not properly validated which could lead to excessive memory allocation and be exploited to cause a denial of service (DoS) by depleting process memory, thereby affecting applications and services that rely on the availability of the ActiveMQ broker when not using mutual TLS connections.  \nThis issue affects Apache ActiveMQ: from 6.0.0 before 6.1.6, from 5.18.0 before 5.18.7, from 5.17.0 before 5.17.7, before 5.16.8. ActiveMQ 5.19.0 is not affected.  \n  \nUsers are recommended to upgrade to version 6.1.6+, 5.19.0+,  5.18.7+, 5.17.7, or 5.16.8 or which fixes the issue.  \n  \nExisting users may implement mutual TLS to mitigate the risk on affected brokers. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T13:09:05.000000Z"}]}