{"vulnerability": "CVE-2025-46421", "sightings": [{"uuid": "ac1a5bb0-ee56-4311-ab77-44c930887c23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46421", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13217", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46421\n\ud83d\udd25 CVSS Score: 6.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect.\n\ud83d\udccf Published: 2025-04-24T13:01:24.589Z\n\ud83d\udccf Modified: 2025-04-24T13:01:24.589Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2025-46421\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2361962", "creation_timestamp": "2025-04-24T13:05:58.000000Z"}, {"uuid": "49915967-dca3-470e-bf7e-28c118bd9e52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46421", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114393337184532437", "content": "", "creation_timestamp": "2025-04-24T14:10:02.760045Z"}, {"uuid": "f5e2b575-5f49-408e-aa66-a0dad5123e89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46421", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnkt4xbh6232", "content": "", "creation_timestamp": "2025-04-24T14:16:48.191819Z"}, {"uuid": "365c26ad-42ab-400a-ad57-7da494e816f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46421", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnl2ovt4bx2t", "content": "", "creation_timestamp": "2025-04-24T15:49:30.305105Z"}, {"uuid": "fc24e83f-c23f-45aa-817f-0e7764851275", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46421", "type": "seen", "source": "https://t.me/cvedetector/23675", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46421 - Apache Libsoup HTTP Authorization Header Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46421 \nPublished : April 24, 2025, 1:15 p.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect. \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-24T17:14:41.000000Z"}]}