{"vulnerability": "CVE-2025-4601", "sightings": [{"uuid": "039be642-eb1f-43a0-8a94-67911d677296", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46014", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lssohpwhjd25", "content": "", "creation_timestamp": "2025-06-30T07:37:59.909751Z"}, {"uuid": "0eac8749-7ecc-42f4-b91b-1801935e472d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46018", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lvdwqll3li2l", "content": "", "creation_timestamp": "2025-08-01T15:11:46.190971Z"}, {"uuid": "0ed795a9-44fb-40b8-a4a9-c706672f5a1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4601", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lra5woqfwv2r", "content": "", "creation_timestamp": "2025-06-10T05:29:01.424381Z"}, {"uuid": "f9d91eb2-477d-43de-a2eb-d871000c9c4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4601", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lra6uevy2a2a", "content": "", "creation_timestamp": "2025-06-10T05:45:37.837487Z"}, {"uuid": "13bf8fa0-5ca2-45cd-83b1-def0fa7c7b73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4601", "type": "seen", "source": "Telegram/-QOyMiowJoIyiMyTWDmr53uOV1Gxrf1KetOkwLf9_gvu4z0", "content": "", "creation_timestamp": "2025-06-25T00:39:14.000000Z"}, {"uuid": "a750a2fb-8506-4147-b531-32d97461952c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4601", "type": "published-proof-of-concept", "source": "Telegram/L9NvAnTGGF6o0vkyY3wXSpskvm72yWoKlMeoTLBXCFbPe3k", "content": "", "creation_timestamp": "2025-06-10T21:00:06.000000Z"}, {"uuid": "fb80086b-1d6b-4010-b1cf-7b63ffb5a5dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46018", "type": "published-proof-of-concept", "source": "Telegram/c7cbPtmt-wvp58L-ZWyOmaJSC5Jr8mLGQ4OOoqeiUsIBfOk", "content": "", "creation_timestamp": "2025-08-02T09:00:04.000000Z"}, {"uuid": "50cce996-a070-4786-a276-d0c38be8c5c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4601", "type": "seen", "source": "Telegram/V_hoToMNJWitXda3AeStRLzASmqLUaxvEeMJmzsq6dWwPe4", "content": "", "creation_timestamp": "2025-06-10T04:31:28.000000Z"}, {"uuid": "192e3f51-88fe-4b44-b15a-402855ad8730", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4601", "type": "published-proof-of-concept", "source": "Telegram/SuCuNuYYG7YH6LF-PMvjYx2GIDz9A5wanFKy4pWUO100XY8", "content": "", "creation_timestamp": "2025-06-10T04:31:27.000000Z"}, {"uuid": "3e59757f-544b-411c-890f-e805e2706965", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46018", "type": "published-proof-of-concept", "source": "Telegram/Fo5WMlHUp_cq9tbJj4rX4mRtIde4Apfwtddxmu6B3bK6Qx8", "content": "", "creation_timestamp": "2025-08-01T15:00:05.000000Z"}, {"uuid": "b409bc77-4ba9-45a0-83de-8cb9ae1ce43c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4601", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17822", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4601\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The \"RH - Real Estate WordPress Theme\" theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 4.4.0. This is due to the theme not properly restricting user roles that can be updated as part of the inspiry_update_profile() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to set their role to that of an administrator. The vulnerability was partially patched in version 4.4.0, and fully patched in version 4.4.1.\n\ud83d\udccf Published: 2025-06-10T03:41:38.102Z\n\ud83d\udccf Modified: 2025-06-10T03:41:38.102Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/a816e5a8-2494-4bcf-869d-5214b21f7791?source=cve\n2. https://themeforest.net/item/real-homes-wordpress-real-estate-theme/5373914", "creation_timestamp": "2025-06-10T04:29:31.000000Z"}, {"uuid": "33c3a37c-e532-4962-971c-0d26b53dd2de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46011", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17787", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46011\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Listmonk v4.1.0 (fixed in v5.0.0) is vulnerable to SQL Injection in the QuerySubscribers function which allows attackers to escalate privileges.\n\ud83d\udccf Published: 2025-06-04T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-09T20:56:28.471Z\n\ud83d\udd17 References:\n1. https://github.com/kevinroleke/security/tree/main/CVE-2025-46011\n2. https://github.com/knadh/listmonk/releases/tag/v5.0.0\n3. https://github.com/knadh/listmonk/commit/4b805f885b9f5a20126ec06f8b59dc448c4af33b\n4. https://github.com/knadh/listmonk/issues/2412\n5. https://github.com/knadh/listmonk/releases/tag/v4.1.0", "creation_timestamp": "2025-06-09T21:32:04.000000Z"}, {"uuid": "88c01c1d-0327-4dc5-8ed3-515d7e833422", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46014", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19889", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46014\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Several services in Honor Device Co., Ltd Honor PC Manager v16.0.0.118 was discovered to connect services to the named pipe iMateBookAssistant with default or overly permissive security attributes, leading to a privilege escalation.\n\ud83d\udccf Published: 2025-06-30T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-30T01:42:08.920Z\n\ud83d\udd17 References:\n1. https://github.com/Souhardya/Exploit-PoCs/tree/main/HonorPCManager-PrivEsc", "creation_timestamp": "2025-06-30T01:54:40.000000Z"}, {"uuid": "cf652225-f063-4fa8-abd9-07815c8549a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46018", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/46177", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aDisclosure of CVE-2025-46018: A Bluetooth-based payment bypass vulnerability in CSC Pay Mobile App v2.19.4\\\"\nURL\uff1ahttps://github.com/niranjangaire1995/CVE-2025-46018-CSC-Pay-Mobile-App-Payment-Authentication-Bypass\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-08-01T12:26:31.000000Z"}, {"uuid": "c222a79e-6082-4ad3-a0bc-bf37ad68b45e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4601", "type": "published-proof-of-concept", "source": "Telegram/3XjFdQnl9XelOVe1uN4E2a4frNC7kETFnR_z5QGqSWjIPjM", "content": "", "creation_timestamp": "2025-06-11T15:00:07.000000Z"}, {"uuid": "774a5c1b-1cbc-474a-87d7-07e5fc5a197f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4601", "type": "seen", "source": "Telegram/EKi3juhW8KdvSrT-C52NnQYma9e80zcUs_26vGBIli1oz3UL", "content": "", "creation_timestamp": "2025-06-25T17:32:32.000000Z"}, {"uuid": "545c9ed8-6d09-495d-bf0e-af285d9acbb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4601", "type": "seen", "source": "Telegram/nVjbyWi1OTQqVrCfCpVg9HGjFoxjWvVL_Heny3L18ja2tx5m", "content": "", "creation_timestamp": "2025-06-25T00:39:13.000000Z"}]}