{"vulnerability": "CVE-2025-2776", "sightings": [{"uuid": "1d104360-c79c-479f-9622-a0293a114b85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27762", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkml5rjsz32e", "content": "", "creation_timestamp": "2025-03-18T02:01:19.825101Z"}, {"uuid": "acf760f3-fccf-446e-a81b-e6f123fb55ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27760", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkml5pgvrs2j", "content": "", "creation_timestamp": "2025-03-18T02:01:11.046351Z"}, {"uuid": "6e95e977-0174-4f20-ac5b-6f0a7876de3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27767", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkml5q765k2j", "content": "", "creation_timestamp": "2025-03-18T02:01:13.311927Z"}, {"uuid": "d4f14814-0ede-4092-ab86-54c6ef4e5dac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27765", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkml5qk2cd2h", "content": "", "creation_timestamp": "2025-03-18T02:01:14.935174Z"}, {"uuid": "06a7542c-ab32-4fc5-8de2-2a5c72ef1f6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-24)", "content": "", "creation_timestamp": "2025-06-24T00:00:00.000000Z"}, {"uuid": "19bf5f7c-5b89-4683-8e77-9b5972a40adc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27766", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkml5qcsnb2m", "content": "", "creation_timestamp": "2025-03-18T02:01:13.868258Z"}, {"uuid": "73962ced-679b-480b-886b-1c253cce2494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27764", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkml5qgapk2j", "content": "", "creation_timestamp": "2025-03-18T02:01:14.413505Z"}, {"uuid": "1522ea4e-bebd-42f2-b41a-cdfdf873a9c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27761", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkml5qr5ra2n", "content": "", "creation_timestamp": "2025-03-18T02:01:16.017885Z"}, {"uuid": "36d772cb-a28a-44c6-9eb3-fc708505f7c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27768", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkml5r72sj2s", "content": "", "creation_timestamp": "2025-03-18T02:01:18.178235Z"}, {"uuid": "affceefc-86ab-4ee6-854c-dc89f9024786", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27763", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkml5rfura26", "content": "", "creation_timestamp": "2025-03-18T02:01:19.315446Z"}, {"uuid": "92de5e74-f2b4-4259-a33d-6f8a42c437d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://infosec.exchange/users/shadowserver/statuses/114466967388160257", "content": "", "creation_timestamp": "2025-05-07T14:15:11.519186Z"}, {"uuid": "45c45e4a-6b98-4445-af50-1a606b9bb054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-17)", "content": "", "creation_timestamp": "2025-06-17T00:00:00.000000Z"}, {"uuid": "b4aa7455-e326-448a-aeba-24bf01641ffe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lpcwgj3mu52r", "content": "", "creation_timestamp": "2025-05-16T21:02:21.524536Z"}, {"uuid": "e2d027a1-3f7a-4a71-9b52-aa7ae1bf218d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3lolll3ln2k2p", "content": "", "creation_timestamp": "2025-05-07T14:16:50.619196Z"}, {"uuid": "4f7c7ae2-3c6e-4d50-847b-aeb7d2a9c6c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3lolll4zukc2p", "content": "", "creation_timestamp": "2025-05-07T14:16:51.947646Z"}, {"uuid": "b4562d05-2702-4299-b59c-db375be4e6f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/shadowserver.bsky.social/post/3lolll4zwis2p", "content": "", "creation_timestamp": "2025-05-07T14:16:53.298521Z"}, {"uuid": "d05953d6-e050-4eda-83ee-1237e98e2558", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114467330819942836", "content": "", "creation_timestamp": "2025-05-07T15:47:36.130173Z"}, {"uuid": "7a6a3d64-56fd-4d95-bce6-a8926b6c7214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://thehackernews.com/2025/05/sysaid-patches-4-critical-flaws.html", "content": "", "creation_timestamp": "2025-05-07T09:31:00.000000Z"}, {"uuid": "b4456b31-d433-4cb5-a1d1-ae2fbd3e0f0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lomtv2durb2w", "content": "", "creation_timestamp": "2025-05-08T02:18:11.276400Z"}, {"uuid": "3d276fe6-1f12-4d0e-a8e9-89ce09680bfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lumewnetvc2c", "content": "", "creation_timestamp": "2025-07-23T06:21:51.766668Z"}, {"uuid": "8cd7f091-75f6-4fa3-afc1-42de330a5ebf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114472197786505302", "content": "", "creation_timestamp": "2025-05-08T12:25:23.681165Z"}, {"uuid": "bebdbd6c-4c2c-4556-950e-16cc8d0e2aae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lowe3uenfd2r", "content": "", "creation_timestamp": "2025-05-11T21:02:20.092538Z"}, {"uuid": "b2fee7eb-dc8a-4391-80e6-72fd5ab775ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-2776.yaml", "content": "", "creation_timestamp": "2025-05-10T14:15:02.000000Z"}, {"uuid": "5a738583-7578-46dd-a215-69733cdf2f42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lumkveejko2b", "content": "", "creation_timestamp": "2025-07-23T08:08:28.440708Z"}, {"uuid": "ebefa274-ac3d-426c-9bac-1c24f96fe60d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lumkz54mvrw2", "content": "", "creation_timestamp": "2025-07-23T08:10:39.677831Z"}, {"uuid": "0660c39b-72e5-4fe0-84cf-1bbab1a96bf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3lunfaeuyy222", "content": "", "creation_timestamp": "2025-07-23T15:59:57.961970Z"}, {"uuid": "da9c8f02-7a68-4638-9c8e-fba48192475e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lunw55xhul2c", "content": "", "creation_timestamp": "2025-07-23T21:02:29.460622Z"}, {"uuid": "32fa2f05-3367-49ab-b17d-c7a385841e55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lunx5ubi7s26", "content": "", "creation_timestamp": "2025-07-23T21:20:37.680774Z"}, {"uuid": "e55d46bb-409f-4ffe-9d3f-7544f0dbd4ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3luolntsbj22v", "content": "", "creation_timestamp": "2025-07-24T03:27:35.274441Z"}, {"uuid": "4c0a36f1-2573-4887-bda7-d164bfe04f96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/4454338", "content": "", "creation_timestamp": "2025-07-22T19:05:20.703061Z"}, {"uuid": "157449b7-5b75-4c28-8f43-dcca4b0b47b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-27)", "content": "", "creation_timestamp": "2025-07-27T00:00:00.000000Z"}, {"uuid": "1f256cbd-2fba-4867-be84-8d5453f30854", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lupohh4tn22d", "content": "", "creation_timestamp": "2025-07-24T13:50:19.928918Z"}, {"uuid": "474f4f49-f8df-4621-9483-7918021f1468", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-07-24)", "content": "", "creation_timestamp": "2025-07-24T00:00:00.000000Z"}, {"uuid": "c5a50516-5f57-4b9b-ae04-48a0bd714939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-02)", "content": "", "creation_timestamp": "2025-10-02T00:00:00.000000Z"}, {"uuid": "c57e008c-c34e-4c8e-ba99-a49c065c79e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/wardenshield.bsky.social/post/3lw3pagelbk2g", "content": "", "creation_timestamp": "2025-08-11T02:01:29.188182Z"}, {"uuid": "0a45b2ed-1901-466c-9cf2-df86e8b2f082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-28T08:23:31.000000Z"}, {"uuid": "edeb2071-604b-44c5-abd0-05162303b199", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-29T03:12:16.000000Z"}, {"uuid": "5c25ba3a-4c2d-4744-88e9-76527cc85de0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115424694369254779", "content": "", "creation_timestamp": "2025-10-23T17:37:45.755216Z"}, {"uuid": "7a0807e8-ec07-4f76-8e5f-9195b5bf1e9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-01)", "content": "", "creation_timestamp": "2025-11-01T00:00:00.000000Z"}, {"uuid": "792bc92d-5224-4c45-aca5-2b1e563f0244", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-20)", "content": "", "creation_timestamp": "2025-08-20T00:00:00.000000Z"}, {"uuid": "60a572c6-4517-4cfd-873f-2944a709abc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-14)", "content": "", "creation_timestamp": "2026-03-14T00:00:00.000000Z"}, {"uuid": "1744a086-d444-4fd6-9b83-687ccf2bd8b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "MISP/e0a0042d-e47b-4875-b781-99d4428af3c2", "content": "", "creation_timestamp": "2025-09-09T20:51:36.000000Z"}, {"uuid": "c9ab4a5b-5609-4de5-af01-ff36849875f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lxuzbd3g4q2o", "content": "", "creation_timestamp": "2025-09-02T21:02:37.867036Z"}, {"uuid": "afa9a434-e723-41f5-81cf-d7d6cdd1ebe5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-2776", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d041bbcd-43ab-4c19-a576-e2b7c165aeac", "content": "", "creation_timestamp": "2026-02-02T12:25:56.082848Z"}, {"uuid": "d96e093e-380e-4292-ac5f-9f9b326ba5cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27769", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-05", "content": "", "creation_timestamp": "2026-03-12T11:00:00.000000Z"}, {"uuid": "58e1880c-f989-49bb-b935-561c6da07c6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "published-proof-of-concept", "source": "Telegram/8XN8wAMSKexF4HKj61t8L1D_BdecH-IzCKOqVJJvRwF7CEY", "content": "", "creation_timestamp": "2025-08-31T21:00:04.000000Z"}, {"uuid": "47454894-7564-43fa-bd8c-15462f3e0726", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "exploited", "source": "Telegram/DKd2Gqws_szvlbVH567RCL0Q0RIZDQSoU0Q0rK7xOEDSxsg", "content": "", "creation_timestamp": "2025-10-26T04:57:35.000000Z"}, {"uuid": "c8d5e129-3a03-4087-90c9-f9e193600f10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://t.me/cKure/14634", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Cybersecurity researchers have disclosed multiple security flaw in the on-premise version of SysAid IT support software that could be exploited to achieve pre-authenticated remote code execution with elevated privileges.\n\nThe vulnerabilities, tracked as CVE-2025-2775, CVE-2025-2776, and CVE-2025-2777, have all been described as XML External Entity (XXE) injections, which occur when an attacker is able to successfully interfere with an application's parsing of XML input.\n\nThis, in turn, could permit attackers to inject unsafe XML entities into the web application, allowing them to carry out a Server-Side Request Forgery (SSRF) attack and in worst cases, remote code execution.\n\nhttps://thehackernews.com/2025/05/sysaid-patches-4-critical-flaws.html", "creation_timestamp": "2025-05-07T15:21:03.000000Z"}, {"uuid": "d3bc415e-aecf-4ce1-a1cc-66a010e26d33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "exploited", "source": "Telegram/WuywlTA2prep3738D0ZdlY2l1dxkLscKbaCFO22me4a6aig", "content": "", "creation_timestamp": "2025-10-26T04:57:32.000000Z"}, {"uuid": "3e437418-017d-4d26-9fbe-fcd7801f6ed3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://t.me/GithubRedTeam/49741", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-7771: Arbitrary physical memory and I/O port read/write via ThrottleStop driver\nURL\uff1ahttps://github.com/mrk336/From-EternalBlue-to-CVE-2025-2776-The-Evolution-of-an-SMB-Attack\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-08-31T13:24:48.000000Z"}, {"uuid": "d0b6aa88-269c-495e-9c7f-d3f003444456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "https://t.me/information_security_channel/53885", "content": "CISA Warns of SysAid Vulnerability Exploitation\nhttps://www.securityweek.com/cisa-warns-of-sysaid-vulnerability-exploitation/\n\nCISA has added two recent SysAid vulnerabilities, CVE-2025-2776 and CVE-2025-2775, to its KEV catalog.\nThe post CISA Warns of SysAid Vulnerability Exploitation (https://www.securityweek.com/cisa-warns-of-sysaid-vulnerability-exploitation/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2025-07-23T09:05:52.000000Z"}, {"uuid": "01ae50e4-a38b-42fa-8b5f-3e2e9c954f7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27763", "type": "seen", "source": "https://t.me/cvedetector/20551", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27763 - Apache Log4j Remote Command Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27763 \nPublished : March 17, 2025, 11:15 p.m. | 52\u00a0minutes ago \nDescription : Rejected reason: Not used \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T01:50:52.000000Z"}, {"uuid": "c1199dbd-8135-4751-a0fe-3d3e8d9acfca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27764", "type": "seen", "source": "https://t.me/cvedetector/20549", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27764 - VMware SSL/TLS Weakness\", \n  \"Content\": \"CVE ID : CVE-2025-27764 \nPublished : March 17, 2025, 11:15 p.m. | 52\u00a0minutes ago \nDescription : Rejected reason: Not used \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T01:50:51.000000Z"}, {"uuid": "b4d49e47-c2c6-421b-81f6-97853298ca04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27768", "type": "seen", "source": "https://t.me/cvedetector/20537", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27768 - Apache HTTP Server Cross-Site Request Forgery Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27768 \nPublished : March 17, 2025, 11:15 p.m. | 52\u00a0minutes ago \nDescription : Rejected reason: Not used \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T01:50:33.000000Z"}, {"uuid": "eb3b009a-05b6-418d-9ef9-7791d397b59c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27767", "type": "seen", "source": "https://t.me/cvedetector/20535", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27767 - Apache HTTP Server Unvalidated User Input\", \n  \"Content\": \"CVE ID : CVE-2025-27767 \nPublished : March 17, 2025, 11:15 p.m. | 52\u00a0minutes ago \nDescription : Rejected reason: Not used \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T01:50:32.000000Z"}, {"uuid": "b266d12a-5b1c-4529-80f7-3cb5fc16c889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27765", "type": "seen", "source": "https://t.me/cvedetector/20533", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27765 - Apache HTTP Server Unvalidated User Input\", \n  \"Content\": \"CVE ID : CVE-2025-27765 \nPublished : March 17, 2025, 11:15 p.m. | 52\u00a0minutes ago \nDescription : Rejected reason: Not used \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T01:50:30.000000Z"}, {"uuid": "91350d3a-3ba9-458e-928f-e889d1173810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/9219", "content": "#exploit\nCVE-2025-2775 CVE-2025-2776 CVE-2025-2777 CVE-2025-2778\nSysOwned, Your Friendly Support Ticket - SysAid On-Premise Pre-Auth RCE Chain\n]-> https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/\n\n]-> https://github.com/watchtowrlabs/watchTowr-vs-SysAid-PreAuth-RCE-Chain", "creation_timestamp": "2025-05-10T02:44:20.000000Z"}, {"uuid": "8d8f4b2e-fff9-4f66-99aa-d9b348cd7e9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "exploited", "source": "https://t.me/true_secator/7023", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 WatchTowr Labs \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0442\u0440\u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u041f\u041e \u0418\u0422-\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 SysAid.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-2775 \u0438 CVE-2025-2776 (\u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 XXE \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u0435 /mdm/checkin), CVE-2025-2777 (\u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 XXE \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u0435 /lshw).\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c watchTowr Labs, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043b\u0435\u0433\u043a\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430 POST \u043a \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u0442\u043e\u0447\u043a\u0430\u043c.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u0430\u043c \u0441 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f InitAccount.cmd, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438 \u0442\u0435\u043a\u0441\u0442\u043e\u0432\u044b\u0439 \u043f\u0430\u0440\u043e\u043b\u044c.\n\n\u041f\u043e\u043b\u0443\u0447\u0438\u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0431\u0435\u0437 \u0442\u0440\u0443\u0434\u0430 \u043c\u043e\u0436\u0435\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a SysAid.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c XXE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421, \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 CVE-2025-2778, \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u0412\u0441\u0435 \u0447\u0435\u0442\u044b\u0440\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b SysAid \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 24.4.60 b16 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u043c\u0430\u0440\u0442\u0430 2025 \u0433\u043e\u0434\u0430.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0434\u0430\u0432\u043d\u044e\u044e \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0443 \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u043d\u0438\u0435 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 SysAid\u00a0\u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u0431\u0430\u043d\u0434 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 (\u0432 \u0447\u0438\u0441\u043b\u0435 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438\u0441\u044c Cl0p) \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 PoC, \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u044e\u0449\u0435\u0433\u043e \u0432\u0441\u0435 \u0447\u0435\u0442\u044b\u0440\u0435\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0430\u043a\u0430\u0442\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.", "creation_timestamp": "2025-05-12T17:15:08.000000Z"}, {"uuid": "7d68163f-0c52-44eb-9397-256580ef03ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/3785", "content": "#exploit\nCVE-2025-2775 CVE-2025-2776 CVE-2025-2777 CVE-2025-2778\nSysOwned, Your Friendly Support Ticket - SysAid On-Premise Pre-Auth RCE Chain\n]-> https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/\n\n]-> https://github.com/watchtowrlabs/watchTowr-vs-SysAid-PreAuth-RCE-Chain", "creation_timestamp": "2025-05-10T02:44:20.000000Z"}, {"uuid": "d212d2fb-b024-4a32-93ff-b29b780c165d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "Telegram/yUbNsI-bWNV2K8tTPh4C-hxM85C-hrLLt_kDH9pSKaydCw", "content": "", "creation_timestamp": "2025-05-07T15:16:23.000000Z"}, {"uuid": "f693683b-5707-479c-8bc5-8f515884df35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-29)", "content": "", "creation_timestamp": "2026-04-29T00:00:00.000000Z"}, {"uuid": "7dcce15b-ceb3-46c6-a6d0-1c922674dec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "published-proof-of-concept", "source": "https://t.me/liwaamohammad/1962", "content": "https://github.com/watchtowrlabs/watchTowr-vs-SysAid-PreAuth-RCE-Chain\n\nPoC for SysAid PreAuth RCE Chain (CVE-2025-2775, CVE-2025-2776, CVE-2025-2777, CVE-2025-2778)\n#github #exploit", "creation_timestamp": "2025-05-09T14:18:17.000000Z"}, {"uuid": "d0bd492f-d812-417c-b27b-eff7ffcba63e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2776", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/12025", "content": "#exploit\nCVE-2025-2775 CVE-2025-2776 CVE-2025-2777 CVE-2025-2778\nSysOwned, Your Friendly Support Ticket - SysAid On-Premise Pre-Auth RCE Chain\n]-> https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/\n\n]-> https://github.com/watchtowrlabs/watchTowr-vs-SysAid-PreAuth-RCE-Chain", "creation_timestamp": "2025-05-10T00:52:20.000000Z"}]}