{"vulnerability": "CVE-2025-3289", "sightings": [{"uuid": "ba39cea8-11a3-45fc-9635-be8825bf6740", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32897", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lsoptozbyc2o", "content": "", "creation_timestamp": "2025-06-28T17:51:56.644782Z"}, {"uuid": "3fe7e6ed-e680-4551-931c-2ac8c375b458", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32896", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lsod65alfc23", "content": "", "creation_timestamp": "2025-06-28T14:05:11.646200Z"}, {"uuid": "5672f7c1-19c5-4854-b3a3-a04bdaa7b5f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3289", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114308189037550499", "content": "", "creation_timestamp": "2025-04-09T13:15:46.104358Z"}, {"uuid": "b3a8b64e-ad75-4ae7-9195-9d670911f0ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3289", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmd756lrd62i", "content": "", "creation_timestamp": "2025-04-08T19:22:40.611931Z"}, {"uuid": "a7c626a6-80a4-4464-a823-b4b740c0d6cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32897", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsp74pz4ln25", "content": "", "creation_timestamp": "2025-06-28T22:25:25.556672Z"}, {"uuid": "d2f8f5ea-5159-4580-8e54-38bc3a7ce39f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3289", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-07", "content": "", "creation_timestamp": "2025-04-10T10:00:00.000000Z"}, {"uuid": "50d3b9f8-cb3d-45fe-961e-326fca04a21a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32897", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q2/285", "content": "", "creation_timestamp": "2025-06-28T15:19:03.000000Z"}, {"uuid": "f9451517-eddf-456c-96b2-e4677b01fc53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32897", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ltfogaxk2c2e", "content": "", "creation_timestamp": "2025-07-07T20:57:46.362701Z"}, {"uuid": "23a886d2-6302-44e0-a65c-681937f65884", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32896", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lmo6spbxrd2t", "content": "", "creation_timestamp": "2025-04-13T04:16:00.760650Z"}, {"uuid": "2713b0c7-51f4-49b1-9039-5281c09adb3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32896", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lmmqx6teob2n", "content": "", "creation_timestamp": "2025-04-12T14:35:18.423036Z"}, {"uuid": "cd785fc1-7138-4112-a311-0b7273903310", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32896", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmrougeuvc2n", "content": "", "creation_timestamp": "2025-04-14T13:41:18.526551Z"}, {"uuid": "24e6816f-e799-4fdb-9f75-313512340402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32896", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3ls273wly6s2w", "content": "", "creation_timestamp": "2025-06-20T13:59:09.837580Z"}, {"uuid": "07eb5da1-dc0f-45ff-85fe-4ba7c838864e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32896", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lmpoc4ntrd2n", "content": "", "creation_timestamp": "2025-04-13T18:25:43.506904Z"}, {"uuid": "a5e66c62-3bbe-42ee-bb12-51fcc9af06cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32896", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmqmyqv6vc2y", "content": "", "creation_timestamp": "2025-04-14T03:35:15.393170Z"}, {"uuid": "b6cdde59-431b-4e8d-ad1e-6355a5aad6d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32896", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lrzqrpogqan2", "content": "", "creation_timestamp": "2025-06-20T09:42:55.811570Z"}, {"uuid": "f1ae131e-d097-42c2-9085-402ad7e5131c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32896", "type": "seen", "source": "https://bsky.app/profile/paxioncyber.bsky.social/post/3lrzwnazvsk2t", "content": "", "creation_timestamp": "2025-06-20T11:27:52.032237Z"}, {"uuid": "2c9870c5-154f-4fbe-b8c9-84674021189d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32897", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3lt2jsg2gz52x", "content": "", "creation_timestamp": "2025-07-03T10:35:48.632195Z"}, {"uuid": "8e0b4357-5d6f-43a3-87a9-1a0eeded0bdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32896", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrxom2wa2p2r", "content": "", "creation_timestamp": "2025-06-19T13:58:32.873636Z"}, {"uuid": "1741b153-e771-400c-8489-6d95a309c47f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32890", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14353", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32890\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AC:H/AV:A/A:N/C:N/I:H/PR:N/S:U/UI:N)\n\ud83d\udd39 Description: An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message.\n\ud83d\udccf Published: 2025-05-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T17:54:46.317Z\n\ud83d\udd17 References:\n1. https://gotenna.com\n2. https://github.com/Dollarhyde/goTenna_v1_and_Mesh_vulnerabilities", "creation_timestamp": "2025-05-01T18:15:49.000000Z"}, {"uuid": "7e8f06dd-9137-4885-b632-ede743a95be3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3289", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10932", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3289\n\ud83d\udd25 CVSS Score: 8.5 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A local code execution vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file.\n\ud83d\udccf Published: 2025-04-08T15:34:20.927Z\n\ud83d\udccf Modified: 2025-04-08T15:34:20.927Z\n\ud83d\udd17 References:\n1. https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1726.html", "creation_timestamp": "2025-04-08T15:47:05.000000Z"}, {"uuid": "0a1f6985-6675-433e-be5e-95a8262bc76a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32898", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m77wf6izvj2n", "content": "", "creation_timestamp": "2025-12-05T07:06:40.608971Z"}, {"uuid": "4b824387-81b2-4eb9-bec7-e1ca69037966", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32897", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19827", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32897\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Deserialization of Untrusted Data vulnerability in Apache Seata (incubating).\n\nThis security vulnerability is the same as CVE-2024-47552, but the version range described in the CVE-2024-47552 definition is too narrow.\nThis issue affects Apache Seata (incubating): from 2.0.0 before 2.3.0.\n\nUsers are recommended to upgrade to version 2.3.0, which fixes the issue.\n\ud83d\udccf Published: 2025-06-28T18:25:18.312Z\n\ud83d\udccf Modified: 2025-06-28T18:25:18.312Z\n\ud83d\udd17 References:\n1. https://www.cve.org/CVERecord?id=CVE-2024-47552\n2. https://lists.apache.org/thread/9fhtf7yvpjpzlwd1m0wfgg6tp2btxpy1", "creation_timestamp": "2025-06-28T18:54:37.000000Z"}, {"uuid": "117d26fa-ad90-4b40-bbe7-91d29d292bad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32896", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18968", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32896\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: # Summary\n\nUnauthorized users can perform Arbitrary File Read and Deserialization\nattack by submit job using restful api-v1.\n\n# Details\nUnauthorized users can access `/hazelcast/rest/maps/submit-job` to submit\njob.\nAn attacker can set extra params in mysql url to perform Arbitrary File\nRead and Deserialization attack.\n\nThis issue affects Apache SeaTunnel: <=2.3.10\n\n# Fixed\n\nUsers are recommended to upgrade to version 2.3.11, and enable restful api-v2 & open https two-way authentication , which fixes the issue.\n\ud83d\udccf Published: 2025-06-19T10:38:37.159Z\n\ud83d\udccf Modified: 2025-06-20T13:53:28.835Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/qvh3zyt1jr25rgvw955rb8qjrnbxfro9\n2. https://github.com/apache/seatunnel/pull/9010", "creation_timestamp": "2025-06-20T14:43:44.000000Z"}]}