{"vulnerability": "CVE-2025-3172", "sightings": [{"uuid": "5fd15d01-5150-4391-8111-1303fd22c2bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31723", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10134", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31723\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A cross-site request forgery (CSRF) vulnerability in Jenkins Simple Queue Plugin 1.4.6 and earlier allows attackers to change and reset the build queue order.\n\ud83d\udccf Published: 2025-04-02T14:59:51.305Z\n\ud83d\udccf Modified: 2025-04-02T16:59:30.175Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3469", "creation_timestamp": "2025-04-02T17:33:44.000000Z"}, {"uuid": "21402943-51c2-4472-864a-68df355adf64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31728", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llu3i3wj7a2k", "content": "", "creation_timestamp": "2025-04-02T19:07:10.246273Z"}, {"uuid": "3cb7bb2a-dee2-478b-8c14-7fa946c945f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31726", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llu3i3zso72b", "content": "", "creation_timestamp": "2025-04-02T19:07:10.870775Z"}, {"uuid": "c261f004-3b73-41cb-91a3-8ec373eb1988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31727", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llu3i4e4qp2b", "content": "", "creation_timestamp": "2025-04-02T19:07:12.606902Z"}, {"uuid": "3785645f-b0ca-46fa-81a6-eda60e2aae22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31722", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114270096822737774", "content": "", "creation_timestamp": "2025-04-02T19:48:24.851362Z"}, {"uuid": "b91658ff-0d77-4eb1-8596-148af8d8698d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31722", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114270096822737774", "content": "", "creation_timestamp": "2025-04-02T19:48:24.854468Z"}, {"uuid": "c6731c7e-dacc-412c-b990-81a2597f2599", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31722", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lw5oyurxkz2f", "content": "", "creation_timestamp": "2025-08-11T21:02:27.682968Z"}, {"uuid": "5ad17f65-c8da-4b91-86ae-d0dc731a78dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31722", "type": "published-proof-of-concept", "source": "Telegram/WSyTh9exsH7CbCOBuABe9qTMUmqND3LIWJ2H6hWdSDkuNIQ", "content": "", "creation_timestamp": "2025-08-08T21:00:04.000000Z"}, {"uuid": "ea93331e-559e-4753-ac63-5bd760d8d032", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31721", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10136", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31721\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Configure permission to copy an agent, gaining access to encrypted secrets in its configuration.\n\ud83d\udccf Published: 2025-04-02T14:59:50.144Z\n\ud83d\udccf Modified: 2025-04-02T16:51:08.706Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3513", "creation_timestamp": "2025-04-02T17:33:46.000000Z"}, {"uuid": "c9b4af3d-5957-4873-96b4-ada2d99cd55a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31720", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10137", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31720\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Extended Read permission to copy an agent, gaining access to its configuration.\n\ud83d\udccf Published: 2025-04-02T14:59:49.570Z\n\ud83d\udccf Modified: 2025-04-02T16:49:21.599Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3512", "creation_timestamp": "2025-04-02T17:33:47.000000Z"}, {"uuid": "4298b97b-e83d-4bab-8741-d0e2b7b4939d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3172", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10297", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3172\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in Project Worlds Online Lawyer Management System 1.0. This issue affects some unknown processing of the file /lawyer_booking.php. The manipulation of the argument unblock_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-03T18:00:16.848Z\n\ud83d\udccf Modified: 2025-04-03T18:13:30.885Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303131\n2. https://vuldb.com/?ctiid.303131\n3. https://vuldb.com/?submit.543274\n4. https://github.com/p1026/CVE/issues/6", "creation_timestamp": "2025-04-03T18:35:24.000000Z"}, {"uuid": "8042e388-2171-464e-b833-93185f3a2cc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31722", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10135", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31722\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM.\n\ud83d\udccf Published: 2025-04-02T14:59:50.726Z\n\ud83d\udccf Modified: 2025-04-02T16:53:11.893Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3505", "creation_timestamp": "2025-04-02T17:33:45.000000Z"}, {"uuid": "5eacff7a-1636-4cd4-857c-7ba152de8576", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31725", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10346", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31725\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Jenkins monitor-remote-job Plugin 1.0 stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.\n\ud83d\udccf Published: 2025-04-02T14:59:52.475Z\n\ud83d\udccf Modified: 2025-04-03T20:18:31.242Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3539", "creation_timestamp": "2025-04-03T20:35:51.000000Z"}, {"uuid": "4066cf26-71ba-4d42-9411-80fdfc9cb768", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31728", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10342", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31728\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Jenkins AsakusaSatellite Plugin 0.1.1 and earlier does not mask AsakusaSatellite API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.\n\ud83d\udccf Published: 2025-04-02T14:59:54.247Z\n\ud83d\udccf Modified: 2025-04-03T20:20:27.891Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3523", "creation_timestamp": "2025-04-03T20:35:48.000000Z"}, {"uuid": "46305420-700f-4d96-9673-6b07f0f495b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3172", "type": "seen", "source": "https://t.me/cvedetector/22004", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3172 - Project Worlds Online Lawyer Management System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3172 \nPublished : April 3, 2025, 6:15 p.m. | 56\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in Project Worlds Online Lawyer Management System 1.0. This issue affects some unknown processing of the file /lawyer_booking.php. The manipulation of the argument unblock_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T21:55:38.000000Z"}, {"uuid": "afaad96a-5692-4765-a422-1ed5d877417a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31722", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/47038", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aUsed to demo CVE-2025-31722.\nURL\uff1ahttps://github.com/Nick6371/CVE-2025-31722\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-08-08T17:39:34.000000Z"}, {"uuid": "33cb2490-d0d3-4706-aba3-817496374f15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31726", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10345", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31726\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Jenkins Stack Hammer Plugin 1.0.6 and earlier stores Stack Hammer API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.\n\ud83d\udccf Published: 2025-04-02T14:59:53.108Z\n\ud83d\udccf Modified: 2025-04-03T20:19:11.827Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3520", "creation_timestamp": "2025-04-03T20:35:50.000000Z"}, {"uuid": "e9e5ef18-d9e6-435c-adaa-860239c21b1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31727", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10344", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31727\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Jenkins AsakusaSatellite Plugin 0.1.1 and earlier stores AsakusaSatellite API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.\n\ud83d\udccf Published: 2025-04-02T14:59:53.687Z\n\ud83d\udccf Modified: 2025-04-03T20:19:52.127Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3523", "creation_timestamp": "2025-04-03T20:35:49.000000Z"}, {"uuid": "691adaf3-50b8-487b-980b-22dd1de86cf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31728", "type": "seen", "source": "https://t.me/cvedetector/21878", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31728 - Jenkins AsakusaSatellite Plugin API Key Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31728 \nPublished : April 2, 2025, 3:16 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : Jenkins AsakusaSatellite Plugin 0.1.1 and earlier does not mask AsakusaSatellite API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T19:09:53.000000Z"}, {"uuid": "2968a38e-09d3-4efd-9964-f538a899dd6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31724", "type": "seen", "source": "https://t.me/cvedetector/21883", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31724 - Jenkins Cadence vManager Plugin Unencrypted API Key Exposure\", \n  \"Content\": \"CVE ID : CVE-2025-31724 \nPublished : April 2, 2025, 3:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : Jenkins Cadence vManager Plugin 4.0.0-282.v5096a_c2db_275 and earlier stores Verisium Manager vAPI keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T19:10:00.000000Z"}, {"uuid": "6ae041d5-26e5-451c-8271-352c67979546", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31723", "type": "seen", "source": "https://t.me/cvedetector/21882", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31723 - Jenkins Simple Queue Plugin CSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31723 \nPublished : April 2, 2025, 3:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : A cross-site request forgery (CSRF) vulnerability in Jenkins Simple Queue Plugin 1.4.6 and earlier allows attackers to change and reset the build queue order. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T19:09:59.000000Z"}, {"uuid": "e9f73fc8-9b02-479c-bea4-580fbd5f8cb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31722", "type": "seen", "source": "https://t.me/cvedetector/21881", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31722 - Jenkins Templating Engine Plugin Sandbox Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-31722 \nPublished : April 2, 2025, 3:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T19:09:58.000000Z"}, {"uuid": "b1bf014d-050e-4ad1-a250-18dea2211a2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31721", "type": "seen", "source": "https://t.me/cvedetector/21880", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31721 - Jenkins Missing Permission Check Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31721 \nPublished : April 2, 2025, 3:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Configure permission to copy an agent, gaining access to encrypted secrets in its configuration. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T19:09:58.000000Z"}, {"uuid": "8f377836-e216-44d4-b393-8b98b3b2eaad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31720", "type": "seen", "source": "https://t.me/cvedetector/21879", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31720 - Jenkins Missing Permission Check Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31720 \nPublished : April 2, 2025, 3:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : A missing permission check in Jenkins 2.503 and earlier, LTS 2.492.2 and earlier allows attackers with Computer/Create permission but without Computer/Extended Read permission to copy an agent, gaining access to its configuration. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T19:09:54.000000Z"}, {"uuid": "b63a5e7f-3c6a-4dd1-baf3-e792274a864f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31726", "type": "seen", "source": "https://t.me/cvedetector/21877", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31726 - Jenkins Stack Hammer Plugin Unencrypted API Key Storage Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31726 \nPublished : April 2, 2025, 3:16 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : Jenkins Stack Hammer Plugin 1.0.6 and earlier stores Stack Hammer API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T19:09:52.000000Z"}, {"uuid": "31e9a5af-2152-4528-a881-0145b24e68ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31727", "type": "seen", "source": "https://t.me/cvedetector/21876", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31727 - Jenkins AsakusaSatellite Plugin Unencrypted API Key Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-31727 \nPublished : April 2, 2025, 3:16 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : Jenkins AsakusaSatellite Plugin 0.1.1 and earlier stores AsakusaSatellite API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T19:09:52.000000Z"}, {"uuid": "0d44a2d6-b998-4ca6-850d-fb6bbbe2167a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31725", "type": "seen", "source": "https://t.me/cvedetector/21875", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31725 - Jenkins Monitor-Remote-Job Plugin Unencrypted Password Storage Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-31725 \nPublished : April 2, 2025, 3:16 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : Jenkins monitor-remote-job Plugin 1.0 stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T19:09:51.000000Z"}]}