{"vulnerability": "CVE-2025-3241", "sightings": [{"uuid": "de21ab0e-60a3-451b-b3e7-2e8d843803c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32413", "type": "seen", "source": "https://social.circl.lu/users/circl/statuses/114301131175513624", "content": "", "creation_timestamp": "2025-04-08T07:20:50.694751Z"}, {"uuid": "41680f95-14ea-43e9-b849-602d1bbc38a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3241", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llyici2ofb2i", "content": "", "creation_timestamp": "2025-04-04T13:07:21.473785Z"}, {"uuid": "381e1571-e421-407b-bc71-d74bccdc9e78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "cve-2025-32413", "type": "seen", "source": "https://zigrin.com/advisories/vulnerability-lookup-stored-cross-site-scripting-xss/", "content": "", "creation_timestamp": "2025-04-08T08:10:24.832940Z"}, {"uuid": "8e821a75-7f6a-4726-b9b7-d187eb4c06e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32415", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmzrqyenkv2r", "content": "", "creation_timestamp": "2025-04-17T18:54:22.342629Z"}, {"uuid": "d632d578-18f0-4d6e-a19f-ccb3dc5e11cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32414", "type": "seen", "source": "https://gist.github.com/EbonJaeger/deb2aa172e52343ebc67b84d4a0949f1", "content": "", "creation_timestamp": "2025-04-18T16:40:49.000000Z"}, {"uuid": "0c4c8f06-b0a8-420c-81b2-3132cb77d538", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32415", "type": "seen", "source": "https://gist.github.com/EbonJaeger/deb2aa172e52343ebc67b84d4a0949f1", "content": "", "creation_timestamp": "2025-04-18T16:40:49.000000Z"}, {"uuid": "6a02ce2b-2398-4b2a-b37e-9d7f88539fdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32415", "type": "seen", "source": "https://gist.github.com/martinpitt/1824f4a9b0a29ff0c2fb3b1e2f3ddfa0", "content": "", "creation_timestamp": "2026-04-07T12:23:25.000000Z"}, {"uuid": "b7ce6a10-3593-4cc6-8cc5-71732f046545", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32412", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-168-04", "content": "", "creation_timestamp": "2025-06-17T10:00:00.000000Z"}, {"uuid": "e53fe6ea-3756-4d31-83b3-de1f4ad59b99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32414", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lrt7llwxri22", "content": "", "creation_timestamp": "2025-06-17T19:19:12.707122Z"}, {"uuid": "ce13ce2e-629d-4ee0-a084-5a5f9aa30aeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32414", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3lrt7nt7pkkw2", "content": "", "creation_timestamp": "2025-06-17T19:20:49.774517Z"}, {"uuid": "2fff8fcb-cbbd-44b6-8612-89069a041ed9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32412", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-400/", "content": "", "creation_timestamp": "2025-06-17T03:00:00.000000Z"}, {"uuid": "afcce0c0-6f3c-433f-8c08-18afab237aa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32414", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3lupiezpjkf2y", "content": "", "creation_timestamp": "2025-07-24T12:01:34.233613Z"}, {"uuid": "64c51773-26f6-4dbe-8c58-c2fc2cd0d83e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32415", "type": "seen", "source": "https://bsky.app/profile/lambdawatchdog.bsky.social/post/3lupif25cot25", "content": "", "creation_timestamp": "2025-07-24T12:01:35.036436Z"}, {"uuid": "bf2adcb4-9849-401c-9ece-24ceddd64068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32414", "type": "seen", "source": "https://gist.github.com/martinpitt/1824f4a9b0a29ff0c2fb3b1e2f3ddfa0", "content": "", "creation_timestamp": "2026-04-07T12:23:25.000000Z"}, {"uuid": "91cacdcf-ef38-463b-a9ae-c1c920692003", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32413", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10814", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32413\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: Vulnerability-Lookup before 2.7.1 allows stored XSS via a user bio in website/web/views/user.py.\n\ud83d\udccf Published: 2025-04-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-08T02:27:52.326Z\n\ud83d\udd17 References:\n1. https://github.com/vulnerability-lookup/vulnerability-lookup/commit/0a120af1de4a0a13bc2e2000f3c4639291122ba0\n2. https://github.com/vulnerability-lookup/vulnerability-lookup/compare/v2.7.0...v2.7.1", "creation_timestamp": "2025-04-08T02:45:33.000000Z"}, {"uuid": "9a2597f7-adfc-45b5-bfef-92b718d5f483", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3241", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10432", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3241\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as problematic, was found in zhangyanbo2007 youkefu up to 4.2.0. This affects an unknown part of the file src/main/java/com/ukefu/webim/web/handler/admin/callcenter/CallCenterRouterController.java of the component XML Document Handler. The manipulation of the argument routercontent leads to xml external entity reference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-04T11:00:11.294Z\n\ud83d\udccf Modified: 2025-04-04T11:00:11.294Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303267\n2. https://vuldb.com/?ctiid.303267\n3. https://vuldb.com/?submit.547585\n4. https://github.com/askqiu/cve/blob/main/README.md", "creation_timestamp": "2025-04-04T11:39:08.000000Z"}, {"uuid": "07a833fe-f8b6-4052-9473-875c5e863945", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32414", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10827", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32414\n\ud83d\udd25 CVSS Score: 5.6 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.\n\ud83d\udccf Published: 2025-04-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-08T02:55:58.812Z\n\ud83d\udd17 References:\n1. https://gitlab.gnome.org/GNOME/libxml2/-/issues/889", "creation_timestamp": "2025-04-08T03:45:57.000000Z"}, {"uuid": "3faba1db-65a9-44ce-8d9b-5337ca7421c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32415", "type": "seen", "source": "https://t.me/cvedetector/23248", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32415 - Libxml2 Heap-Based Buffer Underflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32415 \nPublished : April 17, 2025, 5:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer underflow. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T20:30:17.000000Z"}, {"uuid": "bbad6009-606b-407b-9c6a-55ec3f82220e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32413", "type": "seen", "source": "https://t.me/cvedetector/22393", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32413 - Apache Website Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-32413 \nPublished : April 8, 2025, 3:15 a.m. | 2\u00a0hours, 3\u00a0minutes ago \nDescription : Vulnerability-Lookup before 2.7.1 allows stored XSS via a user bio in website/web/views/user.py. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T08:08:10.000000Z"}, {"uuid": "9e770147-a5ca-4a2b-8c1a-2c21b43d07b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32414", "type": "seen", "source": "https://t.me/cvedetector/22392", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32414 - Libxml2 Python API Out-of-Bounds Memory Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32414 \nPublished : April 8, 2025, 3:15 a.m. | 2\u00a0hours, 3\u00a0minutes ago \nDescription : In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters. \nSeverity: 5.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T08:08:10.000000Z"}, {"uuid": "d1cf52cb-60a5-4b9e-9fd0-acff2820496e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3241", "type": "seen", "source": "https://t.me/cvedetector/22110", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3241 - Zhangyanbo2007 Youkefu XML External Entity Reference (XXE) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3241 \nPublished : April 4, 2025, 11:15 a.m. | 40\u00a0minutes ago \nDescription : A vulnerability, which was classified as problematic, was found in zhangyanbo2007 youkefu up to 4.2.0. This affects an unknown part of the file src/main/java/com/ukefu/webim/web/handler/admin/callcenter/CallCenterRouterController.java of the component XML Document Handler. The manipulation of the argument routercontent leads to xml external entity reference. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T14:40:15.000000Z"}]}