{"vulnerability": "CVE-2025-46336", "sightings": [{"uuid": "5e9cfa67-9a3f-4a86-bf5e-0ca5a714863f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46336", "type": "seen", "source": "https://bsky.app/profile/dasgeldco.bsky.social/post/3lrkihwqi7x2q", "content": "", "creation_timestamp": "2025-06-14T08:04:15.686225Z"}, {"uuid": "73042598-7d7e-4f9a-abd0-8c5439bd01c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46336", "type": "seen", "source": "https://bsky.app/profile/eldinerolat.bsky.social/post/3lrkiig3zsx27", "content": "", "creation_timestamp": "2025-06-14T08:04:31.427871Z"}, {"uuid": "59a3db0d-9083-43d2-b09e-1c59edfd708a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46336", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3looxq3qbky2h", "content": "", "creation_timestamp": "2025-05-08T22:32:26.613715Z"}, {"uuid": "6324f1a4-0154-4306-bd8c-79501f0e8930", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46336", "type": "seen", "source": "https://bsky.app/profile/hnws.bsky.social/post/3loqf7eucuv2e", "content": "", "creation_timestamp": "2025-05-09T12:06:10.246119Z"}, {"uuid": "c4f87720-58cb-40d0-8003-cc02cc2f8129", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46336", "type": "seen", "source": "https://bsky.app/profile/hn100.bsky.social/post/3loqfcrzs3n2r", "content": "", "creation_timestamp": "2025-05-09T12:08:05.823566Z"}, {"uuid": "f73559ea-ecac-45e9-902c-5f9fcebc83ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46336", "type": "seen", "source": "https://bsky.app/profile/appsecfeed.bsky.social/post/3loqnxmuaor2x", "content": "", "creation_timestamp": "2025-05-09T14:42:53.968069Z"}, {"uuid": "9f28f379-2727-43b4-9564-995440f98f61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46336", "type": "seen", "source": "https://bsky.app/profile/appsecfeed.bsky.social/post/3loqoh4dzhs2m", "content": "", "creation_timestamp": "2025-05-09T14:51:33.691899Z"}, {"uuid": "b3fae7cc-277b-4533-ad1a-4c4434da0a0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46336", "type": "seen", "source": "https://bsky.app/profile/appsecfeed.bsky.social/post/3loqomcaumf2x", "content": "", "creation_timestamp": "2025-05-09T14:54:27.464117Z"}, {"uuid": "ff23524d-0d51-46cc-a4c4-b5ac7963c3e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46336", "type": "seen", "source": "https://bsky.app/profile/appsecfeed.bsky.social/post/3loqopq2hhy2x", "content": "", "creation_timestamp": "2025-05-09T14:56:22.388526Z"}, {"uuid": "4c33a0cb-6a14-4252-acf3-4dd09b9ea08d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46336", "type": "seen", "source": "https://bsky.app/profile/appsecfeed.bsky.social/post/3lor4dmpcsd2k", "content": "", "creation_timestamp": "2025-05-09T19:00:08.715061Z"}, {"uuid": "104b4a04-7b63-4120-a2a6-26f66691dfaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46336", "type": "seen", "source": "https://bsky.app/profile/appsecfeed.bsky.social/post/3lor4rjtm6l2k", "content": "", "creation_timestamp": "2025-05-09T19:07:55.401205Z"}, {"uuid": "3de525da-bf06-4a29-91c9-44378f23927a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46336", "type": "seen", "source": "https://bsky.app/profile/appsecfeed.bsky.social/post/3losfhlo37t25", "content": "", "creation_timestamp": "2025-05-10T07:16:05.703357Z"}, {"uuid": "d6620085-b2b4-48dd-988a-3796deceeb2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46336", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15607", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46336\n\ud83d\udd25 CVSS Score: 4.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: Rack::Session is a session management implementation for Rack. In versions starting from 2.0.0 to before 2.1.1, when using the Rack::Session::Pool middleware, and provided the attacker can acquire a session cookie (already a major issue), the session may be restored if the attacker can trigger a long running request (within that same session) adjacent to the user logging out, in order to retain illicit access even after a user has attempted to logout. This issue has been patched in version 2.1.1.\n\ud83d\udccf Published: 2025-05-08T19:26:01.638Z\n\ud83d\udccf Modified: 2025-05-08T20:18:38.555Z\n\ud83d\udd17 References:\n1. https://github.com/rack/rack-session/security/advisories/GHSA-9j94-67jr-4cqj\n2. https://github.com/rack/rack/security/advisories/GHSA-vpfw-47h7-xj4g\n3. https://github.com/rack/rack-session/commit/c28c4a8c1861d814e09f2ae48264ac4c40be2d3b", "creation_timestamp": "2025-05-08T20:23:47.000000Z"}, {"uuid": "90332804-6686-40b2-9d4e-50683a393533", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46336", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3looojp564pw2", "content": "", "creation_timestamp": "2025-05-08T19:48:24.219826Z"}, {"uuid": "26035060-edc2-4214-96d0-4b48f2219ebc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46336", "type": "seen", "source": "https://t.me/cvedetector/24866", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46336 - Rack::Session Pool Session Restoration Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46336 \nPublished : May 8, 2025, 8:15 p.m. | 1\u00a0hour, 18\u00a0minutes ago \nDescription : Rack::Session is a session management implementation for Rack. In versions starting from 2.0.0 to before 2.1.1, when using the Rack::Session::Pool middleware, and provided the attacker can acquire a session cookie (already a major issue), the session may be restored if the attacker can trigger a long running request (within that same session) adjacent to the user logging out, in order to retain illicit access even after a user has attempted to logout. This issue has been patched in version 2.1.1. \nSeverity: 4.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-09T00:18:59.000000Z"}]}