{"vulnerability": "CVE-2025-3112", "sightings": [{"uuid": "b102e91e-373e-427d-b326-1d431bbea3ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31122", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114258175577877862", "content": "", "creation_timestamp": "2025-03-31T17:16:40.661397Z"}, {"uuid": "d6b94e80-39f7-4c5d-8025-834768d56c9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31122", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114258175577877862", "content": "", "creation_timestamp": "2025-03-31T17:16:40.703269Z"}, {"uuid": "820b04ae-ce38-4487-acda-a17f18ff7f37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31122", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llovp3yh6q2a", "content": "", "creation_timestamp": "2025-03-31T17:40:23.752028Z"}, {"uuid": "12170a63-7620-430c-9091-25c61c439787", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31129", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114259246507851208", "content": "", "creation_timestamp": "2025-03-31T21:49:01.723573Z"}, {"uuid": "ed4a0a59-107f-4d25-bac1-45484854a5a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31129", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114259246507851208", "content": "", "creation_timestamp": "2025-03-31T21:49:01.721345Z"}, {"uuid": "8199f910-57ec-4a2d-88ac-4162de868d06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31123", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114259246539821602", "content": "", "creation_timestamp": "2025-03-31T21:49:02.019883Z"}, {"uuid": "8d7a9f07-e244-4b0c-948c-09e6bec1e633", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31123", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114259246539821602", "content": "", "creation_timestamp": "2025-03-31T21:49:02.021760Z"}, {"uuid": "7cb15bcc-860e-4dae-8768-07e492ec27f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-31125", "type": "seen", "source": "https://bsky.app/profile/giuseppesec.bsky.social/post/3lmaiapyz3k2v", "content": "", "creation_timestamp": "2025-04-07T17:27:37.766948Z"}, {"uuid": "e60059e3-1b83-49bf-a304-ba0088c11f41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "seen", "source": "https://bsky.app/profile/Android.activitypub.awakari.com.ap.brid.gy/post/3llw2nelcq7t2", "content": "", "creation_timestamp": "2025-04-03T13:57:51.728488Z"}, {"uuid": "a32718db-908d-4eca-b97b-c38724b31753", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3llxmkl5p2s2x", "content": "", "creation_timestamp": "2025-04-04T04:50:45.671776Z"}, {"uuid": "1938f827-efaf-42e6-aafe-c557935aa277", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lqingcx4yp2o", "content": "", "creation_timestamp": "2025-05-31T21:02:26.694491Z"}, {"uuid": "76fb336d-8b28-4944-94cb-2fbc465bad87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31120", "type": "seen", "source": "https://bsky.app/profile/Minecraft.activitypub.awakari.com.ap.brid.gy/post/3ln45mklycpf2", "content": "", "creation_timestamp": "2025-04-18T17:32:17.429790Z"}, {"uuid": "35bb9e79-3e4f-474a-aa40-5988a58f2f20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3lofce45msb2p", "content": "", "creation_timestamp": "2025-05-05T02:15:50.958595Z"}, {"uuid": "3b1d17c1-9e61-41bb-a877-639f8ee06312", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31129", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:44.000000Z"}, {"uuid": "abb70261-02aa-45c0-875f-7d8513d5b975", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "seen", "source": "https://bsky.app/profile/bilaltariq01.bsky.social/post/3lqtgljguxh2q", "content": "", "creation_timestamp": "2025-06-05T03:59:14.579956Z"}, {"uuid": "1fae7dfa-20c2-43a1-99ad-242ff691e29f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3112", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-175-03", "content": "", "creation_timestamp": "2025-06-24T10:00:00.000000Z"}, {"uuid": "9dbaeac1-f295-4af2-9966-82ec64d8ff47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-31125", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqtkca64hff2", "content": "", "creation_timestamp": "2025-06-05T05:05:49.635395Z"}, {"uuid": "4e521423-bf23-482c-a99f-8781a6ae8649", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31129", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:56.000000Z"}, {"uuid": "ba9949e0-3332-4d34-a2a0-a0293fb3d0c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvjlbv77go2f", "content": "", "creation_timestamp": "2025-08-03T21:02:41.132176Z"}, {"uuid": "d2c42b1c-2bc4-4a47-b29b-8dad66008f3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31129", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvjlbvblgc24", "content": "", "creation_timestamp": "2025-08-03T21:02:41.730023Z"}, {"uuid": "f5f9a338-0825-4c1e-b568-0ae5d7379f80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3m2mqdalmnr2d", "content": "", "creation_timestamp": "2025-10-07T18:16:52.805194Z"}, {"uuid": "02ce4bd4-170b-45aa-a859-39ca4d4e4611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31124", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9763", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31124\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Zitadel is open-source identity infrastructure software. ZITADEL administrators can enable a setting called \"Ignoring unknown usernames\" which helps mitigate attacks that try to guess/enumerate usernames. If enabled, ZITADEL will show the password prompt even if the user doesn't exist and report \"Username or Password invalid\". While the setting was correctly respected during the login flow, the user's username was normalized leading to a disclosure of the user's existence. This vulnerability is fixed in 2.71.6, 2.70.8, 2.69.9, 2.68.9, 2.67.13, 2.66.16, 2.65.7, 2.64.6, and 2.63.9.\n\ud83d\udccf Published: 2025-03-31T19:38:12.235Z\n\ud83d\udccf Modified: 2025-03-31T19:38:12.235Z\n\ud83d\udd17 References:\n1. https://github.com/zitadel/zitadel/security/advisories/GHSA-67m4-8g4w-633q\n2. https://github.com/zitadel/zitadel/commit/14de8ecac2afafee4975ed7ac26f3ca4a2b0f82c\n3. https://github.com/zitadel/zitadel/releases/tag/v2.63.9\n4. https://github.com/zitadel/zitadel/releases/tag/v2.64.6\n5. https://github.com/zitadel/zitadel/releases/tag/v2.65.7\n6. https://github.com/zitadel/zitadel/releases/tag/v2.66.16\n7. https://github.com/zitadel/zitadel/releases/tag/v2.67.13\n8. https://github.com/zitadel/zitadel/releases/tag/v2.68.9\n9. https://github.com/zitadel/zitadel/releases/tag/v2.69.9\n10. https://github.com/zitadel/zitadel/releases/tag/v2.70.8\n11. https://github.com/zitadel/zitadel/releases/tag/v2.71.6", "creation_timestamp": "2025-03-31T20:31:09.000000Z"}, {"uuid": "4eaa60b8-bd81-46ac-ab46-b5807a601baf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mczy27u3ex22", "content": "", "creation_timestamp": "2026-01-22T20:01:08.682511Z"}, {"uuid": "23b34738-6e0f-4b12-8f4c-24c6da39f18a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-31125", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/16535a89-ee97-4fa7-bdc3-30446bdf1d84", "content": "", "creation_timestamp": "2026-02-02T12:25:42.636073Z"}, {"uuid": "cdde5800-0804-4db8-910c-dbc154e8c65f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/30741", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1a\u9488\u5bf9CVE-2025-30208\u548cCVE-2025-31125\u7684\u6f0f\u6d1e\u5229\u7528\nURL\uff1ahttps://github.com/jackieya/ViteVulScan\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-09T13:33:30.000000Z"}, {"uuid": "2d73149d-c2fc-4ffe-938f-ef15e0a8ca75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3meuj2dgymk2w", "content": "", "creation_timestamp": "2026-02-15T02:39:52.211359Z"}, {"uuid": "db93e85b-fe1a-49f2-bba8-54e421090782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/5922984", "content": "", "creation_timestamp": "2026-03-04T01:43:08.045237Z"}, {"uuid": "5355bdad-2a29-48ac-954d-961f43079aa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115946155187059510", "content": "", "creation_timestamp": "2026-01-23T19:52:05.412185Z"}, {"uuid": "d92e0cdc-bc74-4ef1-b9b4-985ad22ba343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3md4lxpffnl2i", "content": "", "creation_timestamp": "2026-01-23T21:03:01.291857Z"}, {"uuid": "964f78cb-9a54-43fe-9b5b-30ef4d956f4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31129", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9744", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31129\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Jooby is a web framework for Java and Kotlin. The pac4j io.jooby.internal.pac4j.SessionStoreImpl#get module deserializes untrusted data. This vulnerability is fixed in 2.17.0 (2.x) and 3.7.0 (3.x).\n\ud83d\udccf Published: 2025-03-31T19:10:57.599Z\n\ud83d\udccf Modified: 2025-03-31T19:10:57.599Z\n\ud83d\udd17 References:\n1. https://github.com/jooby-project/jooby/security/advisories/GHSA-7c5v-895v-w4q5\n2. https://github.com/jooby-project/jooby/commit/3e13562cf36d7407813eae464e0f4b598de15692\n3. https://github.com/jooby-project/jooby/blob/v2.x/modules/jooby-pac4j/src/main/java/io/jooby/internal/pac4j/SessionStoreImpl.java#L39-L45\n4. https://github.com/jooby-project/jooby/blob/v3.6.1/modules/jooby-pac4j/src/main/java/io/jooby/internal/pac4j/SessionStoreImpl.java#L77-L84", "creation_timestamp": "2025-03-31T19:31:03.000000Z"}, {"uuid": "07c1fa58-38e6-4cc2-a3d4-4946d924604a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31128", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9748", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31128\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N)\n\ud83d\udd39 Description: gifplayer is a customizable jquery plugin to play and stop animated gifs. gifplayer contains a cross-site scripting (XSS) vulnerability. This vulnerability is fixed in 0.3.7.\n\ud83d\udccf Published: 2025-03-31T18:47:32.369Z\n\ud83d\udccf Modified: 2025-03-31T18:47:32.369Z\n\ud83d\udd17 References:\n1. https://github.com/rubentd/gifplayer/security/advisories/GHSA-gr7w-hmch-25g7\n2. https://github.com/rubentd/gifplayer/commit/2966193d4d066e5a6ba09dbdf1e1c7f8238630c8", "creation_timestamp": "2025-03-31T19:31:10.000000Z"}, {"uuid": "0a36e82d-59f5-47b8-9680-8fe09f580804", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31122", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9704", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31122\n\ud83d\udd25 CVSS Score: 9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H)\n\ud83d\udd39 Description: scratch-coding-hut.github.io is the website for Coding Hut. In 1.0-beta3 and earlier, the login link can be used to login to any account by changing the username in the username field.\n\ud83d\udccf Published: 2025-03-31T16:58:19.115Z\n\ud83d\udccf Modified: 2025-03-31T16:58:19.115Z\n\ud83d\udd17 References:\n1. https://github.com/Scratch-Coding-Hut/Scratch-Coding-Hut/security/advisories/GHSA-mmg3-567w-v9j2\n2. https://github.com/Scratch-Coding-Hut/Scratch-Coding-Hut.github.io/issues/56", "creation_timestamp": "2025-03-31T17:30:51.000000Z"}, {"uuid": "06509b9d-1696-4859-9d83-be08141cd9e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31120", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12504", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31120\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, an insecure view count mechanism in the forum page allows an unauthenticated attacker to artificially increase the view count. The application relies on a client-side cookie (nl-topic-[tid]) (or session variable for guests) to determine if a view should be counted. When a client does not provide the cookie, every page request increments the counter, leading to incorrect view metrics. This issue has been patched in version 2.2.0.\n\ud83d\udccf Published: 2025-04-18T15:52:57.791Z\n\ud83d\udccf Modified: 2025-04-18T15:52:57.791Z\n\ud83d\udd17 References:\n1. https://github.com/NamelessMC/Nameless/security/advisories/GHSA-8jv7-77jw-h646\n2. https://github.com/NamelessMC/Nameless/commit/9b112c0beab346a38b6f5a51e7773b38c6fc52e7\n3. https://github.com/NamelessMC/Nameless/releases/tag/v2.2.0", "creation_timestamp": "2025-04-18T16:59:24.000000Z"}, {"uuid": "4f29bee6-3929-4030-97d1-dcffce3cd1d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31123", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9764", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31123\n\ud83d\udd25 CVSS Score: 8.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N)\n\ud83d\udd39 Description: Zitadel is open-source identity infrastructure software. A vulnerability existed where expired keys can be used to retrieve tokens. Specifically, ZITADEL fails to properly check the expiration date of the JWT key when used for Authorization Grants. This allows an attacker with an expired key to obtain valid access tokens. This vulnerability does not affect the use of JWT Profile for OAuth 2.0 Client Authentication on the Token and Introspection endpoints, which correctly reject expired keys. This vulnerability is fixed in 2.71.6, 2.70.8, 2.69.9, 2.68.9, 2.67.13, 2.66.16, 2.65.7, 2.64.6, and 2.63.9.\n\ud83d\udccf Published: 2025-03-31T19:31:40.507Z\n\ud83d\udccf Modified: 2025-03-31T19:31:40.507Z\n\ud83d\udd17 References:\n1. https://github.com/zitadel/zitadel/security/advisories/GHSA-h3q7-347g-qwhf\n2. https://github.com/zitadel/zitadel/commit/315503beabd679f2e6aec0c004f0f9d2f5b53ed3\n3. https://github.com/zitadel/zitadel/releases/tag/v2.63.9\n4. https://github.com/zitadel/zitadel/releases/tag/v2.64.6\n5. https://github.com/zitadel/zitadel/releases/tag/v2.65.7\n6. https://github.com/zitadel/zitadel/releases/tag/v2.66.16\n7. https://github.com/zitadel/zitadel/releases/tag/v2.67.13\n8. https://github.com/zitadel/zitadel/releases/tag/v2.68.9\n9. https://github.com/zitadel/zitadel/releases/tag/v2.69.9\n10. https://github.com/zitadel/zitadel/releases/tag/v2.70.8\n11. https://github.com/zitadel/zitadel/releases/tag/v2.71.6", "creation_timestamp": "2025-03-31T20:31:10.000000Z"}, {"uuid": "7ecfdec1-60b7-441b-adb6-6787518dc2e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9702", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31125\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Vite is a frontend tooling framework for javascript. Vite exposes content of non-allowed files using ?inline&import or ?raw?import. Only apps explicitly exposing the Vite dev server to the network (using --host or server.host config option) are affected. This vulnerability is fixed in 6.2.4, 6.1.3, 6.0.13, 5.4.16, and 4.5.11.\n\ud83d\udccf Published: 2025-03-31T17:06:30.704Z\n\ud83d\udccf Modified: 2025-03-31T17:06:30.704Z\n\ud83d\udd17 References:\n1. https://github.com/vitejs/vite/security/advisories/GHSA-4r4m-qw57-chr8\n2. https://github.com/vitejs/vite/commit/59673137c45ac2bcfad1170d954347c1a17ab949", "creation_timestamp": "2025-03-31T17:30:49.000000Z"}, {"uuid": "f26dc291-0586-4f0a-885e-066418d811d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31121", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9942", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31121\n\ud83d\udd25 CVSS Score: 7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 7.0.3.1, the Patient Image feature in OpenEMR is vulnerable to cross-site scripting attacks via the EXIF title in an image. This vulnerability is fixed in 7.0.3.1.\n\ud83d\udccf Published: 2025-04-01T14:53:03.469Z\n\ud83d\udccf Modified: 2025-04-01T16:13:34.453Z\n\ud83d\udd17 References:\n1. https://github.com/openemr/openemr/security/advisories/GHSA-2w94-qmj6-3qxx", "creation_timestamp": "2025-04-01T16:32:24.000000Z"}, {"uuid": "8cfaf017-c735-4f81-a3ca-c3066fc757f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "published-proof-of-concept", "source": "Telegram/5XGpncEfRIuewYJEc34aWTFVRwMO65Yc4SMMQva9F06aJhs", "content": "", "creation_timestamp": "2025-07-13T21:00:04.000000Z"}, {"uuid": "bbcc74ba-a361-44e3-8a12-1399a9de44a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/28491", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aVite \u4efb\u610f\u6587\u4ef6\u8bfb\u53d6\u6f0f\u6d1ePOC\nURL\uff1ahttps://github.com/sunhuiHi666/CVE-2025-31125\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-01T14:29:12.000000Z"}, {"uuid": "bd5559f0-3305-4500-a0e5-fd165dd1d879", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/28914", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1a\u9488\u5bf9CVE-2025-30208\u7684\u7b80\u5355\u6f0f\u6d1e\u5229\u7528\nURL\uff1ahttps://github.com/jackieya/CVE-2025-30208-and-CVE-2025-31125\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-02T07:40:49.000000Z"}, {"uuid": "6ed53602-646f-4ea3-82b7-c09bfc230705", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3112", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/1198", "content": "\u0627\u0634\u0646\u0627\u06cc\u062f\u0631 \u0627\u0644\u06a9\u062a\u0631\u06cc\u06a9 \u06af\u0632\u0627\u0631\u0634 \u0645\u06cc\u200c\u062f\u0647\u062f \u06a9\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0632\u06cc\u0631 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647\u200c\u0627\u0646\u062f:\n\n\u06a9\u0646\u062a\u0631\u0644\u200c\u06a9\u0646\u0646\u062f\u0647\u200c\u0647\u0627\u06cc Modicon M241: \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0642\u0628\u0644 \u0627\u0632 5.3.12.51\n\u06a9\u0646\u062a\u0631\u0644\u200c\u06a9\u0646\u0646\u062f\u0647\u200c\u0647\u0627\u06cc Modicon M251: \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0642\u0628\u0644 \u0627\u0632 5.3.12.51\n\u06a9\u0646\u062a\u0631\u0644\u200c\u06a9\u0646\u0646\u062f\u0647\u200c\u0647\u0627\u06cc Modicon M262: \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0642\u0628\u0644 \u0627\u0632 5.3.9.18 (CVE-2025-3898\u060c CVE-2025-3117)\n\u06a9\u0646\u062a\u0631\u0644\u200c\u06a9\u0646\u0646\u062f\u0647\u200c\u0647\u0627\u06cc Modicon M258: \u0647\u0645\u0647 \u0646\u0633\u062e\u0647\u200c\u0647\u0627 (CVE-2025-3905\u060c CVE-2025-3116\u060c CVE-2025-3117)\n\u06a9\u0646\u062a\u0631\u0644\u200c\u06a9\u0646\u0646\u062f\u0647\u200c\u0647\u0627\u06cc Modicon LMC058: \u0647\u0645\u0647 \u0646\u0633\u062e\u0647\u200c\u0647\u0627 (CVE-2025-3905\u060c CVE-2025-3116\u060c CVE-2025-3117)\n\n\u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 CWE-20\n\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0627\u0639\u062b ...  \u0634\u0631\u0627\u06cc\u0637 \u0627\u0646\u06a9\u0627\u0631 \u0633\u0631\u0648\u06cc\u0633 \u0632\u0645\u0627\u0646\u06cc \u0631\u062e \u0645\u06cc\u200c\u062f\u0647\u062f \u06a9\u0647 \u06cc\u06a9 \u06a9\u0627\u0631\u0628\u0631 \u0645\u062e\u0631\u0628 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0634\u062f\u0647\u060c \u06cc\u06a9 \u062f\u0631\u062e\u0648\u0627\u0633\u062a HTTPS \u062d\u0627\u0648\u06cc \u0646\u0648\u0639 \u062f\u0627\u062f\u0647 \u0646\u0627\u0645\u0639\u062a\u0628\u0631 \u0628\u0647 \u0648\u0628 \u0633\u0631\u0648\u0631 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u062f.\n\n\u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS \u0646\u0633\u062e\u0647 \u06f4 \u0628\u0631\u0627\u06cc CVE-2025-3898 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0627\u0645\u062a\u06cc\u0627\u0632 \u067e\u0627\u06cc\u0647 \u06f7.\u06f1 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a\u061b \u0631\u0634\u062a\u0647 \u0628\u0631\u062f\u0627\u0631 CVSS \u0639\u0628\u0627\u0631\u062a \u0627\u0633\u062a \u0627\u0632 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N).\n\n\u062e\u0646\u062b\u06cc\u200c\u0633\u0627\u0632\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u0648\u0631\u0648\u062f\u06cc \u062f\u0631 \u0637\u0648\u0644 \u062a\u0648\u0644\u06cc\u062f \u0635\u0641\u062d\u0647 \u0648\u0628 ('\u0627\u0633\u06a9\u0631\u06cc\u067e\u062a\u200c\u0646\u0648\u06cc\u0633\u06cc \u0628\u06cc\u0646\u200c\u0633\u0627\u06cc\u062a\u06cc') CWE-79\n\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062e\u0646\u062b\u06cc\u200c\u0633\u0627\u0632\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u0648\u0631\u0648\u062f\u06cc \u062f\u0631 \u0637\u0648\u0644 \u062a\u0648\u0644\u06cc\u062f \u0635\u0641\u062d\u0647 \u0648\u0628 ('\u0627\u0633\u06a9\u0631\u06cc\u067e\u062a\u200c\u0646\u0648\u06cc\u0633\u06cc \u0628\u06cc\u0646\u200c\u0633\u0627\u06cc\u062a\u06cc') \u062f\u0631 \u0635\u0641\u062d\u0647 \u06af\u0648\u0627\u0647\u06cc\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u0648\u0628 \u0633\u0631\u0648\u0631 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0627\u0639\u062b \u062a\u0632\u0631\u06cc\u0642 \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u0646\u0627\u0645\u0639\u062a\u0628\u0631 \u062a\u0648\u0633\u0637 \u06cc\u06a9 \u06a9\u0627\u0631\u0628\u0631 \u0645\u062e\u0631\u0628 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0634\u062f\u0647 \u0648 \u062f\u0631 \u0646\u062a\u06cc\u062c\u0647 \u062a\u063a\u06cc\u06cc\u0631 \u06cc\u0627 \u062e\u0648\u0627\u0646\u062f\u0646 \u062f\u0627\u062f\u0647\u200c\u0647\u0627 \u062f\u0631 \u0645\u0631\u0648\u0631\u06af\u0631 \u0642\u0631\u0628\u0627\u0646\u06cc \u0634\u0648\u062f.  \u0647\u0645\u0686\u0646\u06cc\u0646 \u0628\u0631\u0627\u06cc CVE-2025-3899 \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS \u0646\u0633\u062e\u0647 \u06f4 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0627\u0645\u062a\u06cc\u0627\u0632 \u067e\u0627\u06cc\u0647 \u06f5.\u06f1 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a\u061b \u0631\u0634\u062a\u0647 \u0628\u0631\u062f\u0627\u0631 CVSS \u0628\u0647 \u0635\u0648\u0631\u062a (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N) \u0627\u0633\u062a.\n\n\u0645\u0635\u0631\u0641 \u0645\u0646\u0627\u0628\u0639 \u06a9\u0646\u062a\u0631\u0644 \u0646\u0634\u062f\u0647 CWE-400\n\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0635\u0631\u0641 \u0645\u0646\u0627\u0628\u0639 \u06a9\u0646\u062a\u0631\u0644 \u0646\u0634\u062f\u0647 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0627\u0639\u062b \u0627\u06cc\u062c\u0627\u062f \u0634\u0631\u0627\u06cc\u0637 \u0627\u0646\u06a9\u0627\u0631 \u0633\u0631\u0648\u06cc\u0633 \u0634\u0648\u062f\u060c \u0632\u0645\u0627\u0646\u06cc \u06a9\u0647 \u06cc\u06a9 \u06a9\u0627\u0631\u0628\u0631 \u0645\u062e\u0631\u0628 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0634\u062f\u0647 \u06cc\u06a9 \u0647\u062f\u0631 HTTPS Content-Length \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc \u0634\u062f\u0647 \u0631\u0627 \u0628\u0647 \u0648\u0628 \u0633\u0631\u0648\u0631 \u0627\u0631\u0633\u0627\u0644 \u0645\u06cc\u200c\u06a9\u0646\u062f.\n\n\u0647\u0645\u0686\u0646\u06cc\u0646 \u0628\u0631\u0627\u06cc CVE-2025-3112 \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS \u0646\u0633\u062e\u0647 \u06f4 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0627\u0645\u062a\u06cc\u0627\u0632 \u067e\u0627\u06cc\u0647 \u06f7.\u06f1 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a\u061b  \u0631\u0634\u062a\u0647 \u0628\u0631\u062f\u0627\u0631 CVSS \u0639\u0628\u0627\u0631\u062a \u0627\u0633\u062a \u0627\u0632 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N).\n\n\u062e\u0646\u062b\u06cc\u200c\u0633\u0627\u0632\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u0648\u0631\u0648\u062f\u06cc \u062f\u0631 \u0637\u0648\u0644 \u062a\u0648\u0644\u06cc\u062f \u0635\u0641\u062d\u0647 \u0648\u0628 ('\u0627\u0633\u06a9\u0631\u06cc\u067e\u062a\u200c\u0646\u0648\u06cc\u0633\u06cc \u0628\u06cc\u0646\u200c\u0633\u0627\u06cc\u062a\u06cc') CWE-79\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062e\u0646\u062b\u06cc\u200c\u0633\u0627\u0632\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u0648\u0631\u0648\u062f\u06cc \u062f\u0631 \u0637\u0648\u0644 \u062a\u0648\u0644\u06cc\u062f \u0635\u0641\u062d\u0647 \u0648\u0628 ('\u0627\u0633\u06a9\u0631\u06cc\u067e\u062a\u200c\u0646\u0648\u06cc\u0633\u06cc \u0628\u06cc\u0646\u200c\u0633\u0627\u06cc\u062a\u06cc') \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u06a9\u0647 \u0628\u0631 \u0645\u062a\u063a\u06cc\u0631\u0647\u0627\u06cc \u0633\u06cc\u0633\u062a\u0645 PLC \u062a\u0623\u062b\u06cc\u0631 \u0645\u06cc\u200c\u06af\u0630\u0627\u0631\u062f \u0648 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0627\u0639\u062b \u062a\u0632\u0631\u06cc\u0642 \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u0646\u0627\u0645\u0639\u062a\u0628\u0631 \u062a\u0648\u0633\u0637 \u06cc\u06a9 \u06a9\u0627\u0631\u0628\u0631 \u0645\u062e\u0631\u0628 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0634\u062f\u0647 \u0634\u0648\u062f \u06a9\u0647 \u0645\u0646\u062c\u0631 \u0628\u0647 \u062a\u063a\u06cc\u06cc\u0631 \u06cc\u0627 \u062e\u0648\u0627\u0646\u062f\u0646 \u062f\u0627\u062f\u0647\u200c\u0647\u0627 \u062f\u0631 \u0645\u0631\u0648\u0631\u06af\u0631 \u0642\u0631\u0628\u0627\u0646\u06cc \u0645\u06cc\u200c\u0634\u0648\u062f.\n\n\u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS \u0646\u0633\u062e\u0647 \u06f4 \u0628\u0631\u0627\u06cc CVE-2025-3905 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0627\u0645\u062a\u06cc\u0627\u0632 \u067e\u0627\u06cc\u0647 \u06f5.\u06f1 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a.  \u0631\u0634\u062a\u0647 \u0628\u0631\u062f\u0627\u0631 CVSS \u0628\u0647 \u0635\u0648\u0631\u062a (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N) \u0627\u0633\u062a.\n\n\u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 CWE-20\n\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0648\u0631\u0648\u062f\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0627\u0639\u062b \u0627\u06cc\u062c\u0627\u062f \u0634\u0631\u0627\u06cc\u0637 \u0627\u0646\u06a9\u0627\u0631 \u0633\u0631\u0648\u06cc\u0633 \u0634\u0648\u062f\u060c \u0632\u0645\u0627\u0646\u06cc \u06a9\u0647 \u06cc\u06a9 \u06a9\u0627\u0631\u0628\u0631 \u0645\u062e\u0631\u0628 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0634\u062f\u0647 \u06cc\u06a9 \u062f\u0631\u062e\u0648\u0627\u0633\u062a HTTPS \u062e\u0627\u0635 \u0646\u0627\u0642\u0635 \u062d\u0627\u0648\u06cc \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u0628\u062f\u0646\u0647 \u0628\u0627 \u0641\u0631\u0645\u062a \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u0631\u0627 \u0628\u0647 \u06a9\u0646\u062a\u0631\u0644\u200c\u06a9\u0646\u0646\u062f\u0647 \u0627\u0631\u0633\u0627\u0644 \u0645\u06cc\u200c\u06a9\u0646\u062f. \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS \u0646\u0633\u062e\u0647 \u06f4 \u0646\u06cc\u0632 \u0628\u0631\u0627\u06cc CVE-2025-3116 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0627\u0645\u062a\u06cc\u0627\u0632 \u067e\u0627\u06cc\u0647 \u06f7.\u06f1 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0631\u0634\u062a\u0647 \u0628\u0631\u062f\u0627\u0631 CVSS \u0628\u0647 \u0635\u0648\u0631\u062a (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N) \u0627\u0633\u062a.\n\n \u062e\u0646\u062b\u06cc\u200c\u0633\u0627\u0632\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u0648\u0631\u0648\u062f\u06cc \u062f\u0631 \u0637\u0648\u0644 \u062a\u0648\u0644\u06cc\u062f \u0635\u0641\u062d\u0647 \u0648\u0628 ('\u0627\u0633\u06a9\u0631\u06cc\u067e\u062a\u200c\u0646\u0648\u06cc\u0633\u06cc \u0628\u06cc\u0646\u200c\u0633\u0627\u06cc\u062a\u06cc') CWE-79\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062e\u0646\u062b\u06cc\u200c\u0633\u0627\u0632\u06cc \u0646\u0627\u0645\u0646\u0627\u0633\u0628 \u0648\u0631\u0648\u062f\u06cc \u062f\u0631 \u0637\u0648\u0644 \u062a\u0648\u0644\u06cc\u062f \u0635\u0641\u062d\u0647 \u0648\u0628 ('\u0627\u0633\u06a9\u0631\u06cc\u067e\u062a\u200c\u0646\u0648\u06cc\u0633\u06cc \u0628\u06cc\u0646\u200c\u0633\u0627\u06cc\u062a\u06cc') \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u06a9\u0647 \u0645\u0633\u06cc\u0631\u0647\u0627\u06cc \u0641\u0627\u06cc\u0644 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0631\u0627 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u062f\u0647\u062f \u0648 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0627\u0639\u062b \u062a\u0632\u0631\u06cc\u0642 \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u0646\u0627\u0645\u0639\u062a\u0628\u0631 \u062a\u0648\u0633\u0637 \u06cc\u06a9 \u06a9\u0627\u0631\u0628\u0631 \u0645\u062e\u0631\u0628 \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0634\u062f\u0647 \u0634\u0648\u062f \u06a9\u0647 \u0645\u0646\u062c\u0631 \u0628\u0647 \u062a\u063a\u06cc\u06cc\u0631 \u06cc\u0627 \u062e\u0648\u0627\u0646\u062f\u0646 \u062f\u0627\u062f\u0647\u200c\u0647\u0627 \u062f\u0631 \u0645\u0631\u0648\u0631\u06af\u0631 \u0642\u0631\u0628\u0627\u0646\u06cc \u0645\u06cc\u200c\u0634\u0648\u062f.\n\n\u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS \u0646\u0633\u062e\u0647 \u06f4 \u0628\u0631\u0627\u06cc CVE-2025-3117 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0627\u0645\u062a\u06cc\u0627\u0632 \u067e\u0627\u06cc\u0647 \u06f5.\u06f1 \u0645\u062d\u0627\u0633\u0628\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a\u061b \u0631\u0634\u062a\u0647 \u0628\u0631\u062f\u0627\u0631 CVSS \u0639\u0628\u0627\u0631\u062a \u0627\u0633\u062a \u0627\u0632 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N).\n\nhttps://www.cisa.gov/news-events/ics-advisories/icsa-25-175-03\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR\n\u06af\u0631\u0648\u0647 \u0627\u06cc\u062a\u0627:\nhttps://eitaa.com/joinchat/1866007784Cfd023f90b2", "creation_timestamp": "2025-06-25T10:49:24.000000Z"}, {"uuid": "0de4c255-78bf-44f1-ae8f-11b12d08d76a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3112", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17855", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3112\n\ud83d\udd25 CVSS Score: 7.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause Denial of Service when an\nauthenticated malicious user sends manipulated HTTPS Content-Length header to the webserver.\n\ud83d\udccf Published: 2025-06-10T08:28:31.391Z\n\ud83d\udccf Modified: 2025-06-10T08:28:31.391Z\n\ud83d\udd17 References:\n1. https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-161-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-161-02.pdf", "creation_timestamp": "2025-06-10T09:33:16.000000Z"}, {"uuid": "107ee758-1f71-4649-a6d4-cd2151670c37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/43915", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aThis PoC for CVE-2025-48799 demonstrates an elevation of privilege vulnerability in Windows Update service, affecting Windows 10 and 11. \ud83d\udc31\ud83d\udcbb\ud83d\udd12\nURL\uff1ahttps://github.com/harshgupptaa/Path-Transversal-CVE-2025-31125-\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-07-13T16:49:58.000000Z"}, {"uuid": "eba3155d-05f2-49da-9e70-dfe5da43c815", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "published-proof-of-concept", "source": "https://t.me/realcodeb0ss/40", "content": "", "creation_timestamp": "2025-06-13T18:35:05.000000Z"}, {"uuid": "8157c5cc-d480-42c6-80cf-398c9eec3688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "published-proof-of-concept", "source": "https://t.me/realcodeb0ss/27", "content": "", "creation_timestamp": "2025-05-03T13:01:51.000000Z"}, {"uuid": "bcceeebc-4439-4ce1-84a1-ccbad82db846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31126", "type": "seen", "source": "https://t.me/cvedetector/22007", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31126 - Element X iOS Media Encryption Key Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-31126 \nPublished : April 3, 2025, 6:15 p.m. | 56\u00a0minutes ago \nDescription : Element X iOS is a Matrix iOS Client provided by Element. In Element X iOS version between 1.6.13 and 25.03.7, the entity in control of the element.json well-known file is able, under certain conditions, to get access to the media encryption keys used for an Element Call call. This vulnerability is fixed in 25.03.8. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T21:55:43.000000Z"}, {"uuid": "40e1a760-b388-4698-a353-4bcc4593b258", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "published-proof-of-concept", "source": "Telegram/ydZV3BoiWEq9wD76dMe8taztqWE6Uw4d3FCzMsSbTKFnYRs", "content": "", "creation_timestamp": "2025-07-14T03:00:09.000000Z"}, {"uuid": "46ac277f-1048-4426-94dd-96c0c321eea4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "published-proof-of-concept", "source": "https://t.me/testibiskuat/537", "content": "\ud83d\udea8 Exploit CVE-2025-31125 untuk Vite.js Dev Server\n\nRepo ini adalah Proof of Concept (PoC) eksploitasi kerentanan path traversal pada development server Vite.js.\nMelalui endpoint @fs, penyerang bisa membaca file sensitif dari server seperti /etc/passwd, asalkan server Vite dijalankan dengan opsi --host terbuka (misalnya saat testing di jaringan publik).\n\n\u26a0\ufe0f Tujuan:\nMembuktikan bahwa versi lama Vite.js rentan terhadap path traversal via URL, sehingga bisa dieksploitasi untuk mencuri file internal.\n\n\u203c\ufe0f Kerentanan ini tidak memungkinkan eksekusi kode, tapi sangat berbahaya karena bisa bocorkan konfigurasi, kredensial, atau source code.\n\n\u2714\ufe0fSudah diperbaiki di versi:\n\n6.2.4+\n\n6.1.3+\n\n6.0.13+\n\n5.4.16+\n\n4.5.11+\n\n\ud83d\udca1Solusi:\nSegera upgrade Vite, dan jangan expose dev server ke internet.\n\n\ud83d\udd17 GitHub: https://github.com/MuhammadWaseem29/Vitejs-exploit", "creation_timestamp": "2025-06-17T15:50:19.000000Z"}, {"uuid": "b9c8970a-0026-4677-bbc0-befbd43d223e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31120", "type": "seen", "source": "https://t.me/cvedetector/23321", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31120 - NamelessMC Insecure View Count Mechanism Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31120 \nPublished : April 18, 2025, 4:15 p.m. | 26\u00a0minutes ago \nDescription : NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, an insecure view count mechanism in the forum page allows an unauthenticated attacker to artificially increase the view count. The application relies on a client-side cookie (nl-topic-[tid]) (or session variable for guests) to determine if a view should be counted. When a client does not provide the cookie, every page request increments the counter, leading to incorrect view metrics. This issue has been patched in version 2.2.0. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-18T19:05:05.000000Z"}, {"uuid": "8056feb1-46d9-4fd2-bda3-cfd47450b802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31127", "type": "seen", "source": "https://t.me/cvedetector/22006", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31127 - Element X Android Media Encryption Key Exposure\", \n  \"Content\": \"CVE ID : CVE-2025-31127 \nPublished : April 3, 2025, 6:15 p.m. | 56\u00a0minutes ago \nDescription : Element X Android is a Matrix Android Client provided by element.io. In Element X Android versions between 0.4.16 and 25.03.3, the entity in control of the element.json well-known file is able, under certain conditions, to get access to the media encryption keys used for an Element Call call. This vulnerability is fixed in 25.03.4. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T21:55:39.000000Z"}, {"uuid": "928c613c-b5bd-4496-bf68-a6e4656eacd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31128", "type": "seen", "source": "https://t.me/cvedetector/21655", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31128 - Gifplayer Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31128 \nPublished : March 31, 2025, 7:15 p.m. | 1\u00a0hour, 51\u00a0minutes ago \nDescription : gifplayer is a customizable jquery plugin to play and stop animated gifs. gifplayer contains a cross-site scripting (XSS) vulnerability. This vulnerability is fixed in 0.3.7. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T23:24:00.000000Z"}, {"uuid": "e41d0b4e-d328-450c-9358-f132bd321734", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31123", "type": "seen", "source": "https://t.me/cvedetector/21649", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31123 - Zitadel JWT Key Expiration Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-31123 \nPublished : March 31, 2025, 8:15 p.m. | 51\u00a0minutes ago \nDescription : Zitadel is open-source identity infrastructure software. A vulnerability existed where expired keys can be used to retrieve tokens. Specifically, ZITADEL fails to properly check the expiration date of the JWT key when used for Authorization Grants. This allows an attacker with an expired key to obtain valid access tokens. This vulnerability does not affect the use of JWT Profile for OAuth 2.0 Client Authentication on the Token and Introspection endpoints, which correctly reject expired keys. This vulnerability is fixed in 2.71.6, 2.70.8, 2.69.9, 2.68.9, 2.67.13, 2.66.16, 2.65.7, 2.64.6, and 2.63.9. \nSeverity: 8.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T23:23:53.000000Z"}, {"uuid": "b8c921e5-cdb9-40ae-ac06-67936d82e60b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31129", "type": "seen", "source": "https://t.me/cvedetector/21653", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31129 - Jooby Deserialization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31129 \nPublished : March 31, 2025, 7:15 p.m. | 1\u00a0hour, 51\u00a0minutes ago \nDescription : Jooby is a web framework for Java and Kotlin. The pac4j io.jooby.internal.pac4j.SessionStoreImpl#get module deserializes untrusted data. This vulnerability is fixed in 2.17.0 (2.x) and 3.7.0 (3.x). \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T23:23:59.000000Z"}, {"uuid": "067ed2bd-78e5-4d29-85e7-c4d90e647cb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31124", "type": "seen", "source": "https://t.me/cvedetector/21650", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31124 - Zitadel Username Existence Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-31124 \nPublished : March 31, 2025, 8:15 p.m. | 51\u00a0minutes ago \nDescription : Zitadel is open-source identity infrastructure software. ZITADEL administrators can enable a setting called \"Ignoring unknown usernames\" which helps mitigate attacks that try to guess/enumerate usernames. If enabled, ZITADEL will show the password prompt even if the user doesn't exist and report \"Username or Password invalid\". While the setting was correctly respected during the login flow, the user's username was normalized leading to a disclosure of the user's existence. This vulnerability is fixed in 2.71.6, 2.70.8, 2.69.9, 2.68.9, 2.67.13, 2.66.16, 2.65.7, 2.64.6, and 2.63.9. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T23:23:53.000000Z"}, {"uuid": "c17a3af3-00dc-4dd3-a0cd-b7ef91d8b912", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31122", "type": "seen", "source": "https://t.me/cvedetector/21642", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31122 - Coding Hut Scratch Coding Hut Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-31122 \nPublished : March 31, 2025, 5:15 p.m. | 1\u00a0hour, 48\u00a0minutes ago \nDescription : scratch-coding-hut.github.io is the website for Coding Hut. In 1.0-beta3 and earlier, the login link can be used to login to any account by changing the username in the username field. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T21:43:26.000000Z"}, {"uuid": "d3adb6de-cef8-4779-bc96-e6f2898166ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "seen", "source": "https://t.me/cvedetector/21633", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31125 - Vite File Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31125 \nPublished : March 31, 2025, 5:15 p.m. | 1\u00a0hour, 48\u00a0minutes ago \nDescription : Vite is a frontend tooling framework for javascript. Vite exposes content of non-allowed files using ?inline&import or ?raw?import. Only apps explicitly exposing the Vite dev server to the network (using --host or server.host config option) are affected. This vulnerability is fixed in 6.2.4, 6.1.3, 6.0.13, 5.4.16, and 4.5.11. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T21:43:14.000000Z"}, {"uuid": "de7eb681-ea98-40ea-864f-3036b463e554", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "published-proof-of-concept", "source": "Telegram/N8uq1Jx0g0gbfuBCg8wzq4C3UqiEx5PBm4E8_nw5MDhPdA4", "content": "", "creation_timestamp": "2025-04-01T23:00:05.000000Z"}, {"uuid": "9b252713-f349-468f-822b-40d547d0ceb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "published-proof-of-concept", "source": "Telegram/l-RUKEq1u5JC4p5gtwKJVjQtOGsljXG_cScAzYuNwcOFMHM", "content": "", "creation_timestamp": "2025-04-02T01:00:08.000000Z"}, {"uuid": "a63c0d52-1ab9-4f7b-a14f-d23303fc7329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31125", "type": "published-proof-of-concept", "source": "Telegram/r84uk1c1f1koqzztiTdxByQ9BLtYAaDiWUWNZ6l_8-95JYw", "content": "", "creation_timestamp": "2025-05-07T17:00:13.000000Z"}]}