{"vulnerability": "CVE-2025-3239", "sightings": [{"uuid": "763e5bc1-65db-4307-a7f3-5883ebf24154", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32395", "type": "seen", "source": "https://bsky.app/profile/darkwebinformer.com/post/3lr73y4xzmk2h", "content": "", "creation_timestamp": "2025-06-09T19:21:23.023292Z"}, {"uuid": "ffde32fb-3f42-4ec4-b885-dd09095be899", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32395", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/114655027697783093", "content": "", "creation_timestamp": "2025-06-09T19:21:23.692914Z"}, {"uuid": "17b1aa8e-69fe-4314-b079-f23e26cfe135", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3239", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llyicibfx32u", "content": "", "creation_timestamp": "2025-04-04T13:07:22.679560Z"}, {"uuid": "d5b9c306-a47c-4334-8dd2-9b209317ad21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32391", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmhta457up2a", "content": "", "creation_timestamp": "2025-04-10T15:32:48.802100Z"}, {"uuid": "bc3efe7a-4f06-4007-87ed-e50e17d64f62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32395", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmhta4azji2z", "content": "", "creation_timestamp": "2025-04-10T15:32:49.511428Z"}, {"uuid": "c55e062c-72b0-46e4-9a2f-367fbbcd855b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32395", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-09-10T07:00:37.000000Z"}, {"uuid": "45dd3524-1a49-4cd0-bc80-4eca693dda22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32398", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lokxykssts2h", "content": "", "creation_timestamp": "2025-05-07T08:26:25.461375Z"}, {"uuid": "4591552e-3b97-417f-b9b4-98ea381784a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32397", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lokxykzgxm2w", "content": "", "creation_timestamp": "2025-05-07T08:26:26.612989Z"}, {"uuid": "11dc3094-ea6d-4008-8528-08cb39c5c274", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32399", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lokxylhe322h", "content": "", "creation_timestamp": "2025-05-07T08:26:28.870941Z"}, {"uuid": "c69f0cd2-d13a-4288-ad95-d18daed1bfb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32396", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lokxylkokx2j", "content": "", "creation_timestamp": "2025-05-07T08:26:29.421983Z"}, {"uuid": "9e6259ef-19a7-469d-b42d-0b8506508c15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32390", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3loy7dugs362w", "content": "", "creation_timestamp": "2025-05-12T14:42:37.581990Z"}, {"uuid": "ba1ce27f-aaae-4f6c-bd92-cf1316e7880a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32399", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15276", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32399\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: An Unchecked Input for Loop Condition in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to cause IO devices that use the library to enter an infinite loop by sending a malicious RPC packet.\n\ud83d\udccf Published: 2025-05-07T07:05:24.614Z\n\ud83d\udccf Modified: 2025-05-07T07:05:24.614Z\n\ud83d\udd17 References:\n1. https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-32399", "creation_timestamp": "2025-05-07T07:22:05.000000Z"}, {"uuid": "caa6c49a-32e9-4919-a77f-009da365cfb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32395", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-08-09T17:25:37.000000Z"}, {"uuid": "65692d27-657e-4e2e-8eb6-32e06eca7a27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32398", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15277", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32398\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: A NULL Pointer Dereference in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet.\n\ud83d\udccf Published: 2025-05-07T07:05:19.913Z\n\ud83d\udccf Modified: 2025-05-07T07:05:19.913Z\n\ud83d\udd17 References:\n1. https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-32398", "creation_timestamp": "2025-05-07T07:22:06.000000Z"}, {"uuid": "02e3ea55-7bda-477f-b847-0237ac6b1b20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32395", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/17956", "content": "\ud83d\udea8CVE-2025-32395: Vite HTTP Request Target Denial of Service\n  \nFOFA Link: https://en.fofa.info/result?qbase64=Ym9keT0iL0B2aXRlL2NsaWVudCI%3D\n\nFOFA Query: body=\"/@vite/client\"\n\nResults: 130,393\n\nAdvisory/PoC: https://github.com/advisories/GHSA-356w-63v5-8wf4\n\nCVSS: 6.0", "creation_timestamp": "2025-06-14T17:54:21.000000Z"}, {"uuid": "71ef3fc7-c2a8-4e66-863f-8cbe6eef3aa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32395", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/32663", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-32395-POC\nURL\uff1ahttps://github.com/ruiwenya/CVE-2025-32395\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-18T09:15:55.000000Z"}, {"uuid": "7ecec38f-e7ac-48d3-b623-a9481b261aaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32396", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15279", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32396\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet.\n\ud83d\udccf Published: 2025-05-07T07:05:04.681Z\n\ud83d\udccf Modified: 2025-05-07T07:05:04.681Z\n\ud83d\udd17 References:\n1. https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-32396", "creation_timestamp": "2025-05-07T07:22:08.000000Z"}, {"uuid": "ff37f34d-bfb8-4035-b34d-a2f28d06baca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32397", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15278", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32397\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet.\n\ud83d\udccf Published: 2025-05-07T07:05:15.746Z\n\ud83d\udccf Modified: 2025-05-07T07:05:15.746Z\n\ud83d\udd17 References:\n1. https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-32397", "creation_timestamp": "2025-05-07T07:22:07.000000Z"}, {"uuid": "25dee6e5-a90e-44f4-b462-8a239a9ca2a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3239", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10434", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3239\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as critical was found in PHPGurukul Online Fire Reporting System 1.2. Affected by this vulnerability is an unknown functionality of the file /admin/edit-guard-detail.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-04T10:31:05.711Z\n\ud83d\udccf Modified: 2025-04-04T12:03:04.261Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303265\n2. https://vuldb.com/?ctiid.303265\n3. https://vuldb.com/?submit.546598\n4. https://github.com/JunGu-W/cve/issues/4\n5. https://phpgurukul.com/", "creation_timestamp": "2025-04-04T12:36:46.000000Z"}, {"uuid": "993e0afe-f2f0-44b1-9546-438dcd68ac4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32390", "type": "seen", "source": "https://t.me/cvedetector/25075", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32390 - EspoCRM HTML Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32390 \nPublished : May 12, 2025, 11:15 a.m. | 1\u00a0hour ago \nDescription : EspoCRM is a free, open-source customer relationship management platform. Prior to version 9.0.8, HTML Injection in Knowledge Base (KB) articles leads to complete page defacement imitating the login page. Authenticated users with the read knowledge article privilege can browse to the KB article and if they submit their credentials, they get captured in plain text. The vulnerability is allowed by overly permissive HTML editing being allowed on the KB articles. Any authenticated user with the privilege to read KB articles is impacted. In an enterprise with multiple applications, the malicious KB article could be edited to match the login pages of other applications, which would make it useful for credential harvesting against other applications as well. Version 9.0.8 contains a patch for the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-12T14:26:23.000000Z"}, {"uuid": "612a3c69-135a-4610-8825-968ed0b213b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32398", "type": "seen", "source": "https://t.me/cvedetector/24684", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32398 - RT-Labs P-Net NULL Pointer Dereference\", \n  \"Content\": \"CVE ID : CVE-2025-32398 \nPublished : May 7, 2025, 7:15 a.m. | 1\u00a0hour, 12\u00a0minutes ago \nDescription : A NULL Pointer Dereference in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T10:34:33.000000Z"}, {"uuid": "9d1d0c56-f579-4a9f-a0c6-50e58330d314", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32391", "type": "seen", "source": "https://t.me/cvedetector/22656", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32391 - HedgeDoc SVG Upload Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-32391 \nPublished : April 10, 2025, 2:15 p.m. | 1\u00a0hour, 3\u00a0minutes ago \nDescription : HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.3, a malicious SVG file uploaded to HedgeDoc results in the possibility of XSS when opened in a new tab instead of the editor itself. The XSS is possible by exploiting the JSONP capabilities of GitHub Gist embeddings. Only instances with the local filesystem upload backend or special configurations, where the uploads are served from the same domain as HedgeDoc, are vulnerable. This vulnerability is fixed in 1.10.3. When upgrading to HedgeDoc 1.10.3 is not possible, instance owners could add the following headers for all routes under /uploads as a first-countermeasure: Content-Disposition: attachment and Content-Security-Policy: default-src 'none'. Additionally, the external URLs in the script-src attribute of the Content-Security-Policy header should be removed. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T17:52:05.000000Z"}, {"uuid": "5594338e-e24a-4a45-998c-4e83ad6e7f07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32395", "type": "seen", "source": "https://t.me/cvedetector/22655", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32395 - \"Vite HTTP Request Target Denial of Service\"\", \n  \"Content\": \"CVE ID : CVE-2025-32395 \nPublished : April 10, 2025, 2:15 p.m. | 1\u00a0hour, 3\u00a0minutes ago \nDescription : Vite is a frontend tooling framework for javascript. Prior to 6.2.6, 6.1.5, 6.0.15, 5.4.18, and 4.5.13, the contents of arbitrary files can be returned to the browser if the dev server is running on Node or Bun. HTTP 1.1 spec (RFC 9112) does not allow # in request-target. Although an attacker can send such a request. For those requests with an invalid request-line (it includes request-target), the spec recommends to reject them with 400 or 301. The same can be said for HTTP 2. On Node and Bun, those requests are not rejected internally and is passed to the user land. For those requests, the value of http.IncomingMessage.url contains #. Vite assumed req.url won't contain # when checking server.fs.deny, allowing those kinds of requests to bypass the check. Only apps explicitly exposing the Vite dev server to the network (using --host or server.host config option) and running the Vite dev server on runtimes that are not Deno (e.g. Node, Bun) are affected. This vulnerability is fixed in 6.2.6, 6.1.5, 6.0.15, 5.4.18, and 4.5.13. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T17:52:04.000000Z"}, {"uuid": "45d433af-af28-4eb9-990c-01cb3f25b95c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3239", "type": "seen", "source": "https://t.me/cvedetector/22108", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3239 - PHPGurukul Online Fire Reporting System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3239 \nPublished : April 4, 2025, 11:15 a.m. | 40\u00a0minutes ago \nDescription : A vulnerability classified as critical was found in PHPGurukul Online Fire Reporting System 1.2. Affected by this vulnerability is an unknown functionality of the file /admin/edit-guard-detail.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T14:40:14.000000Z"}, {"uuid": "3e5f1959-69fa-450e-84b5-c2b6deff3b20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32398", "type": "published-proof-of-concept", "source": "Telegram/s1CMES_h8TZrfQEggyegqiEz1ij5IXKbThjcieImZ2BBgVM", "content": "", "creation_timestamp": "2025-05-07T09:32:04.000000Z"}, {"uuid": "085df813-2fb3-4e1a-96bd-ff4e7005a2ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32396", "type": "published-proof-of-concept", "source": "Telegram/s1CMES_h8TZrfQEggyegqiEz1ij5IXKbThjcieImZ2BBgVM", "content": "", "creation_timestamp": "2025-05-07T09:32:04.000000Z"}, {"uuid": "1f2f38d5-7ab9-4bc0-be35-0760f2cc0cd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32397", "type": "published-proof-of-concept", "source": "Telegram/s1CMES_h8TZrfQEggyegqiEz1ij5IXKbThjcieImZ2BBgVM", "content": "", "creation_timestamp": "2025-05-07T09:32:04.000000Z"}, {"uuid": "2eabe3e6-a1c7-410e-9a55-202f3b991e96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32395", "type": "exploited", "source": "https://t.me/jj_8tl/205", "content": "\u26a1\ufe0fThe vulnerability details are now available: https://t.co/g8DwnUIc32\n\n\ud83d\udea8\ud83d\udea8CVE-2025-32395: Vite Arbitrary File Read Vulnerability\nVite\u2019s URL parsing chokes on specific query params, letting attackers bypass security checks with a carefully crafted request. They can read ANY file on the server\u2014think config files, API keys, or other sensitive goodies.\n\ud83d\udd25PoC:  https://t.co/lDnhDsNUBQ\n\nZoomEye Dork\ud83d\udc49app=\"Vite\"\nUncovers 9K+ exposed instances!\nZoomEye Link: https://t.co/T7DDcc2RKs\n\nRefer: https://t.co/mLQfmeGv0n\n\n#ZoomEye #NetSecMapping #cybersecurity #CyberSpaceInsights2025\n\n\u2728 Shared via Awham AutoFeed \u2728\nChannel: @jj_8tl", "creation_timestamp": "2025-04-11T12:07:51.000000Z"}, {"uuid": "cff402c9-5a11-46a2-9cdc-843c69b1aa3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32395", "type": "published-proof-of-concept", "source": "Telegram/1SW_YOJ_X8AE9v_i6HvO1bOHnkEgUcZSz7zqWO7sCdj4GF8", "content": "", "creation_timestamp": "2025-04-18T21:00:06.000000Z"}, {"uuid": "83ba4289-da96-4bdc-aa7e-6188b6175326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32395", "type": "published-proof-of-concept", "source": "Telegram/025r9Ac4mA6AzmYH4V_5jxzygPRuLIkjd6NMrYR-gf6fiv4", "content": "", "creation_timestamp": "2025-04-18T17:00:10.000000Z"}, {"uuid": "55b0f3b6-7e1b-4c49-816a-0440ef13ad58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32396", "type": "seen", "source": "https://t.me/cvedetector/24682", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32396 - RT-Labs P-Net Heap-based Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2025-32396 \nPublished : May 7, 2025, 7:15 a.m. | 1\u00a0hour, 12\u00a0minutes ago \nDescription : An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T10:34:29.000000Z"}, {"uuid": "20e7c4c8-6b20-4c0d-9b60-fde34e941ca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32397", "type": "seen", "source": "https://t.me/cvedetector/24683", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32397 - RT-Labs P-Net Heap-based Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32397 \nPublished : May 7, 2025, 7:15 a.m. | 1\u00a0hour, 12\u00a0minutes ago \nDescription : An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T10:34:31.000000Z"}, {"uuid": "3b156a1d-5ef1-49fd-93c9-339c2e1e5f17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32399", "type": "seen", "source": "https://t.me/cvedetector/24685", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32399 - RT-Labs P-Net Infinite Loop Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32399 \nPublished : May 7, 2025, 7:15 a.m. | 1\u00a0hour, 12\u00a0minutes ago \nDescription : An Unchecked Input for Loop Condition in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to cause IO devices that use the library to enter an infinite loop by sending a malicious RPC packet. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T10:34:35.000000Z"}, {"uuid": "84318bcf-664e-45dd-a7b7-680d27848b41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32395", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-32395.yaml", "content": "", "creation_timestamp": "2026-05-02T17:23:20.000000Z"}]}