{"vulnerability": "CVE-2025-3201", "sightings": [{"uuid": "bf38ff99-7351-417b-a68e-33a5febcda81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32018", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114303598060531170", "content": "", "creation_timestamp": "2025-04-08T17:48:13.368868Z"}, {"uuid": "c23c681b-bc90-41ba-b274-8e24edc4a9cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3201", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpboahtfxw2h", "content": "", "creation_timestamp": "2025-05-16T09:03:07.472648Z"}, {"uuid": "63582180-b190-416d-8b3b-dcd63ca9ae58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32013", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lm6fvkpnqa2o", "content": "", "creation_timestamp": "2025-04-06T21:40:16.064576Z"}, {"uuid": "e5b27186-cc77-49e5-a520-a37a82196415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32013", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lm6l22gwfb2i", "content": "", "creation_timestamp": "2025-04-06T23:12:17.175900Z"}, {"uuid": "aa2e2b1b-f7da-4ecf-99bb-39f65ba4ad3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32018", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmd756sgdk2f", "content": "", "creation_timestamp": "2025-04-08T19:22:42.354780Z"}, {"uuid": "7acc7717-dcc9-40fa-97b7-2162ccf97974", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32017", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmd756z7yg2i", "content": "", "creation_timestamp": "2025-04-08T19:22:43.621364Z"}, {"uuid": "d5c17f6a-d842-4ef3-bb9e-3e9a64dacfd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32015", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqsqh7s6bdk2", "content": "", "creation_timestamp": "2025-06-04T21:23:50.120845Z"}, {"uuid": "baaa0f21-d918-4144-82b4-df681e42be99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32011", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-121-01", "content": "", "creation_timestamp": "2025-05-01T10:00:00.000000Z"}, {"uuid": "579c60a6-5f83-4460-8da2-b6f861f161bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32011", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo55xlxinp2h", "content": "", "creation_timestamp": "2025-05-01T20:36:00.488151Z"}, {"uuid": "c0d9759b-6b12-40bc-ab0f-fc4c49f345c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32011", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lssy4b6g2mb2", "content": "", "creation_timestamp": "2025-06-30T10:30:58.018617Z"}, {"uuid": "2a33ce63-6b6b-4aaf-bb3c-a5229707be25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32011", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114771847976520425", "content": "", "creation_timestamp": "2025-06-30T10:30:19.068910Z"}, {"uuid": "028640d9-3364-47f6-8c11-221dffa5d984", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32013", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvjlbw2ngl2f", "content": "", "creation_timestamp": "2025-08-03T21:02:47.598529Z"}, {"uuid": "8f3aa1b3-76cc-439b-a0c1-616778d45f9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32014", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-09-10T07:00:40.000000Z"}, {"uuid": "2277b767-2fcd-4168-866b-6b9bc6b9718a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32019", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3luoby7vsaw2h", "content": "", "creation_timestamp": "2025-07-24T00:34:19.188845Z"}, {"uuid": "51067ba3-34ba-4837-ae8a-c2abd8c1f843", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32014", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-08-09T17:25:38.000000Z"}, {"uuid": "18321659-6819-4fad-b7bc-ca387b6ca5ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32019", "type": "seen", "source": "MISP/2bceffac-02c3-4c54-a709-6e253b38ec76", "content": "", "creation_timestamp": "2025-09-09T20:56:41.000000Z"}, {"uuid": "ca818503-5998-4227-b6b8-136407c49649", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32010", "type": "seen", "source": "https://infosec.place/objects/19cbb903-c61a-4242-9dbf-2801249e8b08", "content": "", "creation_timestamp": "2025-08-20T13:30:45.203238Z"}, {"uuid": "032e183b-c8d1-4648-9ef0-d8cf23a13e54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32010", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lwttm6sh5i2e", "content": "", "creation_timestamp": "2025-08-20T16:23:24.714056Z"}, {"uuid": "444580bc-1945-4a83-b305-f6cbd5ca3389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32017", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10929", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32017\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: Umbraco is a free and open source .NET content management system. Authenticated users to the Umbraco backoffice are able to craft management API request that exploit a path traversal vulnerability to upload files into a incorrect location. The issue affects Umbraco 14+ and is patched in 14.3.4 and 15.3.1.\n\ud83d\udccf Published: 2025-04-08T15:37:23.733Z\n\ud83d\udccf Modified: 2025-04-08T15:37:23.733Z\n\ud83d\udd17 References:\n1. https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-q62r-8ppj-xvf4\n2. https://github.com/umbraco/Umbraco-CMS/commit/06a2a500b358ce15b1e228391eb60bd517c6e833\n3. https://github.com/umbraco/Umbraco-CMS/commit/d3c1443b14b1076faf13d1bcecc42860fdf5fad8", "creation_timestamp": "2025-04-08T15:47:03.000000Z"}, {"uuid": "a69f9bb5-107c-4ab7-a270-5af1ecd6f47c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32013", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/30625", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aSecurity Advisory and PoC for CVE-2025-32013\nURL\uff1ahttps://github.com/Mohith-T/CVE-2025-32013\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-08T22:01:17.000000Z"}, {"uuid": "9c4acc98-927c-4445-8042-0f6b809bd156", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32011", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14379", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32011\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: KUNBUS PiCtory versions 2.5.0 through 2.11.1 have an authentication bypass vulnerability where a remote attacker can bypass authentication to get access due to a path traversal.\n\ud83d\udccf Published: 2025-05-01T18:40:28.325Z\n\ud83d\udccf Modified: 2025-05-01T18:58:49.407Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/news-events/ics-advisories/icsa-25-121-01\n2. http://packages.revolutionpi.de/pool/main/p/pictory/", "creation_timestamp": "2025-05-01T19:15:05.000000Z"}, {"uuid": "3230b855-ef04-4998-b0c1-9d1136f486d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32013", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10641", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32013\n\ud83d\udd25 CVSS Score: 9.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery (SSRF) vulnerability has been discovered in LNbits' LNURL authentication handling functionality. When processing LNURL authentication requests, the application accepts a callback URL parameter and makes an HTTP request to that URL using the httpx library with redirect following enabled. The application doesn't properly validate the callback URL, allowing attackers to specify internal network addresses and access internal resources.\n\ud83d\udccf Published: 2025-04-06T20:07:05.624Z\n\ud83d\udccf Modified: 2025-04-06T20:07:05.624Z\n\ud83d\udd17 References:\n1. https://github.com/lnbits/lnbits/security/advisories/GHSA-qp8j-p87f-c8cc", "creation_timestamp": "2025-04-06T20:43:59.000000Z"}, {"uuid": "034695ba-f970-4b0e-8baa-f7e3c66f04e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3201", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16639", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3201\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Contact Form builder with drag & drop for WordPress  WordPress plugin before 2.4.3 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks.\n\ud83d\udccf Published: 2025-05-16T06:00:03.892Z\n\ud83d\udccf Modified: 2025-05-16T06:00:03.892Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/4248289f-36d2-41c5-baf6-bb2c630482ef/", "creation_timestamp": "2025-05-16T06:35:22.000000Z"}, {"uuid": "955faecd-4341-40da-8f39-16e794dff65d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32012", "type": "seen", "source": "https://t.me/cvedetector/23009", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32012 - Jellyfin Unauthenticated Local Network IP Spoofing Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2025-32012 \nPublished : April 15, 2025, 8:15 p.m. | 1\u00a0hour, 3\u00a0minutes ago \nDescription : Jellyfin is an open source self hosted media server. In versions 10.9.0 to before 10.10.7, the /System/Restart endpoint provides administrators the ability to restart their Jellyfin server. This endpoint is intended to be admins-only, but it also authorizes requests from any device in the same local network as the Jellyfin server. Due to the method Jellyfin uses to determine the source IP of a request, an unauthenticated attacker is able to spoof their IP to appear as a LAN IP, allowing them to restart the Jellyfin server process without authentication. This means that an unauthenticated attacker could mount a denial-of-service attack on any default-configured Jellyfin server by simply sending the same spoofed request every few seconds to restart the server over and over. This method of IP spoofing also bypasses some security mechanisms, cause a denial-of-service attack, and possible bypass the admin restart requirement if combined with remote code execution. This issue is patched in version 10.10.7. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T00:08:26.000000Z"}, {"uuid": "28313be5-a8f8-466f-bb7b-eca5aee65833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32013", "type": "published-proof-of-concept", "source": "Telegram/wdMBdU1y-FV7Z2SwoE6i6eGGpHU94q59MKNoUh9IbRYtwog", "content": "", "creation_timestamp": "2025-04-09T05:00:07.000000Z"}, {"uuid": "468f957b-5c57-41b1-968b-fab3ae6a48ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32013", "type": "seen", "source": "https://t.me/cvedetector/22227", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32013 - LNbits SSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32013 \nPublished : April 6, 2025, 8:15 p.m. | 1\u00a0hour, 49\u00a0minutes ago \nDescription : LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery (SSRF) vulnerability has been discovered in LNbits' LNURL authentication handling functionality. When processing LNURL authentication requests, the application accepts a callback URL parameter and makes an HTTP request to that URL using the httpx library with redirect following enabled. The application doesn't properly validate the callback URL, allowing attackers to specify internal network addresses and access internal resources. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-07T00:20:05.000000Z"}, {"uuid": "d6b3f505-3f35-477e-9a65-9d9b8ae831ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32013", "type": "published-proof-of-concept", "source": "Telegram/KQHgBG0pvBiePsgZbFhCl3OvqKepMrf4RCQXURbQUkhOgT4", "content": "", "creation_timestamp": "2025-04-06T23:30:47.000000Z"}, {"uuid": "c3701e76-02fd-437e-ac99-7321a997f40a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32011", "type": "published-proof-of-concept", "source": "Telegram/0EwG4WR3r_yD8YYpC8nymf37rvRJ9lNf57cFzRcn8wtN8JQ", "content": "", "creation_timestamp": "2025-05-01T22:01:57.000000Z"}, {"uuid": "b9911260-d442-49a2-ad71-65be112b8e3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32011", "type": "seen", "source": "https://t.me/cvedetector/24282", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32011 - KUNBUS PiCtory Authentication Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32011 \nPublished : May 1, 2025, 7:15 p.m. | 1\u00a0hour, 20\u00a0minutes ago \nDescription : KUNBUS PiCtory versions 2.5.0 through 2.11.1 have an authentication bypass vulnerability where a remote attacker can bypass authentication to get access due to a path traversal. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T23:12:53.000000Z"}]}