{"vulnerability": "CVE-2025-4657", "sightings": [{"uuid": "f310f77b-e7eb-490b-a490-7994a1dd1070", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46570", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqdcp3xzobo2", "content": "", "creation_timestamp": "2025-05-29T18:07:54.044812Z"}, {"uuid": "e9c8c04e-702e-4ccf-9ac9-5617c6c8e279", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46576", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnrd2zpzqp2s", "content": "", "creation_timestamp": "2025-04-27T03:35:26.819645Z"}, {"uuid": "3c0f38f3-373a-449e-95dc-78e5dfa88a19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46579", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnrd2ztzwq24", "content": "", "creation_timestamp": "2025-04-27T03:35:27.440718Z"}, {"uuid": "0915cabc-f00f-48c1-bce6-4ce54262dd16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46577", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnrd2zx3dm2j", "content": "", "creation_timestamp": "2025-04-27T03:35:27.998942Z"}, {"uuid": "eb5d6017-27b1-4db9-a41e-4484d460dde6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46574", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnrd326pmn2h", "content": "", "creation_timestamp": "2025-04-27T03:35:29.233089Z"}, {"uuid": "d43d0dac-4b01-47d1-9471-7cf0b5798f22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46575", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnrd32bvfu2g", "content": "", "creation_timestamp": "2025-04-27T03:35:29.875420Z"}, {"uuid": "3338ec76-9346-40fe-b920-e7f54dba7bb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46578", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnrd32faqr2b", "content": "", "creation_timestamp": "2025-04-27T03:35:30.458203Z"}, {"uuid": "a9c72e81-c00e-4c98-a82f-6878c6f134de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46579", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114407881036637438", "content": "", "creation_timestamp": "2025-04-27T03:48:44.578954Z"}, {"uuid": "b0cac42e-85ea-4588-84d4-904d1bfbad5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46579", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnrgarfkurk2", "content": "", "creation_timestamp": "2025-04-27T04:40:04.469409Z"}, {"uuid": "1d627f3e-2922-4e11-acb7-c1914995a16a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46578", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnrgasbciv72", "content": "", "creation_timestamp": "2025-04-27T04:40:04.990119Z"}, {"uuid": "10da6c94-2d44-44b5-b280-6b2715e0c6cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46577", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnrgatdj4p72", "content": "", "creation_timestamp": "2025-04-27T04:40:05.540209Z"}, {"uuid": "ff96644e-62aa-4a0c-9a88-359a20d9b9b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46576", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnrgavg4fj72", "content": "", "creation_timestamp": "2025-04-27T04:40:06.128788Z"}, {"uuid": "7fa5ac38-8b12-465d-9fc8-d47ab2c6f0f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46575", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnrgawuifp62", "content": "", "creation_timestamp": "2025-04-27T04:40:06.695456Z"}, {"uuid": "51bb05cd-947c-4a66-9dd2-2506e1b3763a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46574", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnrgaxjzz7k2", "content": "", "creation_timestamp": "2025-04-27T04:40:07.236170Z"}, {"uuid": "2550e258-b52d-45d1-bdea-317dfa00cf05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46571", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3loh6qrp64b22", "content": "", "creation_timestamp": "2025-05-05T20:16:46.108322Z"}, {"uuid": "15ade195-cb8b-4470-85a3-e08431466608", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4657", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3luanlgptrq2k", "content": "", "creation_timestamp": "2025-07-18T14:24:38.732719Z"}, {"uuid": "c87d2406-38c7-4af5-917f-b01d0826e761", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46573", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lojwinqaxf2h", "content": "", "creation_timestamp": "2025-05-06T22:26:59.589325Z"}, {"uuid": "b83ff3da-6712-4eb0-9c0c-e290ad72cc28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46572", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lojwio5sql2w", "content": "", "creation_timestamp": "2025-05-06T22:27:02.060897Z"}, {"uuid": "c4020bb0-1c49-454c-b41d-d2d090288685", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46573", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lok3r36xwif2", "content": "", "creation_timestamp": "2025-05-07T00:03:22.436743Z"}, {"uuid": "b917af11-0cb4-4599-a719-aa7e7ba376c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46572", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lok3r36avxf2", "content": "", "creation_timestamp": "2025-05-07T00:04:30.172163Z"}, {"uuid": "ccbe62e3-597a-4135-a225-70fa95aea930", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4657", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lu6swtibf62j", "content": "", "creation_timestamp": "2025-07-17T20:55:10.426756Z"}, {"uuid": "f38d19ef-a7cc-49c0-9cdb-2620b08bfcad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4657", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3luarr5yius2e", "content": "", "creation_timestamp": "2025-07-18T15:39:29.232488Z"}, {"uuid": "af092c31-1fc8-4bd8-9986-d0b25bdf04b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4657", "type": "seen", "source": "MISP/a3c5beab-b790-4171-8b4c-02c8a9678071", "content": "", "creation_timestamp": "2025-07-22T03:54:24.000000Z"}, {"uuid": "2807f6c7-c2b3-4e6e-a994-724f2096f961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46575", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13598", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46575\n\ud83d\udd25 CVSS Score: 4.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information.\n\ud83d\udccf Published: 2025-04-27T01:12:36.738Z\n\ud83d\udccf Modified: 2025-04-27T01:12:36.738Z\n\ud83d\udd17 References:\n1. https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/4693390139849392205", "creation_timestamp": "2025-04-27T02:08:59.000000Z"}, {"uuid": "96c60725-8443-4c2d-bf83-00337c39939e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4657", "type": "seen", "source": "MISP/a3c5beab-b790-4171-8b4c-02c8a9678071", "content": "", "creation_timestamp": "2025-09-09T11:53:45.000000Z"}, {"uuid": "ac5f0a52-1ba5-4eaa-8cbd-5bb0cb8924c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46577", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13594", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46577\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject commands to extract database information.\n\ud83d\udccf Published: 2025-04-27T01:21:27.266Z\n\ud83d\udccf Modified: 2025-04-27T01:39:39.095Z\n\ud83d\udd17 References:\n1. https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/1036467615091601469", "creation_timestamp": "2025-04-27T02:08:56.000000Z"}, {"uuid": "ec5c09a4-6bbb-473e-b590-a5470c47f9c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46576", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13597", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46576\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: There is a Permission Management and Access Control vulnerability in the GoldenDB database product. Attackers can manipulate requests to bypass privilege restrictions and delete content.\n\ud83d\udccf Published: 2025-04-27T01:16:37.005Z\n\ud83d\udccf Modified: 2025-04-27T01:17:04.904Z\n\ud83d\udd17 References:\n1. https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/1036467615091601464", "creation_timestamp": "2025-04-27T02:08:58.000000Z"}, {"uuid": "4f392c0a-ad47-4422-890f-cd4bfb2f20ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46574", "type": "seen", "source": "https://t.me/cvedetector/23824", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46574 - GoldenDB Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-46574 \nPublished : April 27, 2025, 2:15 a.m. | 1\u00a0hour, 57\u00a0minutes ago \nDescription : There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information. \nSeverity: 4.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-27T06:17:39.000000Z"}, {"uuid": "678c008f-4cef-4ce6-bd7e-6b5a7bac3a6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46574", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13599", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46574\n\ud83d\udd25 CVSS Score: 4.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information.\n\ud83d\udccf Published: 2025-04-27T01:07:29.152Z\n\ud83d\udccf Modified: 2025-04-27T01:07:30.168Z\n\ud83d\udd17 References:\n1. https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/4693390139849392200", "creation_timestamp": "2025-04-27T02:09:03.000000Z"}, {"uuid": "c30c5ebc-f81d-4c74-b434-fa0a8a9dc763", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46578", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13596", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46578\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit these interfaces to inject commands and extract sensitive database information.\n\ud83d\udccf Published: 2025-04-27T01:30:44.458Z\n\ud83d\udccf Modified: 2025-04-27T01:30:44.990Z\n\ud83d\udd17 References:\n1. https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/4693390139849392210", "creation_timestamp": "2025-04-27T02:08:57.000000Z"}, {"uuid": "27d24505-01e3-4b61-b639-010da2823972", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46579", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13595", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46579\n\ud83d\udd25 CVSS Score: 8.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through the interface, and when users download and open the affected file, the DDE commands can be executed.\n\ud83d\udccf Published: 2025-04-27T01:34:35.034Z\n\ud83d\udccf Modified: 2025-04-27T01:34:35.034Z\n\ud83d\udd17 References:\n1. https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/1036467615091601474", "creation_timestamp": "2025-04-27T02:08:56.000000Z"}, {"uuid": "6f8c96b3-2c49-4af0-a289-cce219aad228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46572", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16202", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46572\n\ud83d\udd25 CVSS Score: 9.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: passport-wsfed-saml2 provides passport strategy for both WS-fed and SAML2 protocol. A vulnerability present starting in version 3.0.5 up to and including version 4.6.3 allows an attacker to impersonate any user during SAML authentication by crafting a SAMLResponse. This can be done by using a valid SAML object that was signed by the configured IdP. Users are affected specifically when the service provider is using passport-wsfed-saml2 and a valid SAML document signed by the Identity Provider can be obtained. Version 4.6.4 contains a fix for the vulnerability.\n\ud83d\udccf Published: 2025-05-06T20:18:26.379Z\n\ud83d\udccf Modified: 2025-05-13T19:17:06.822Z\n\ud83d\udd17 References:\n1. https://github.com/auth0/passport-wsfed-saml2/security/advisories/GHSA-wjmp-wphq-jvqf\n2. https://github.com/auth0/passport-wsfed-saml2/commit/e5cf3cc2a53748207f7a81bfba9195c8efa94181", "creation_timestamp": "2025-05-13T19:30:57.000000Z"}, {"uuid": "6f1fd820-fabc-4a3e-a757-164391b80b9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46577", "type": "seen", "source": "https://t.me/cvedetector/23823", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46577 - GoldenDB Database SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46577 \nPublished : April 27, 2025, 2:15 a.m. | 1\u00a0hour, 57\u00a0minutes ago \nDescription : There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject commands to extract database information. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-27T06:17:38.000000Z"}, {"uuid": "5b80c6a7-2422-4077-954d-9c3df476248d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46576", "type": "seen", "source": "https://t.me/cvedetector/23822", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46576 - GoldenDB Database Permission Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46576 \nPublished : April 27, 2025, 2:15 a.m. | 1\u00a0hour, 57\u00a0minutes ago \nDescription : There is a Permission Management and Access Control vulnerability in the GoldenDB database product. Attackers can manipulate requests to bypass privilege restrictions and delete content. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-27T06:17:34.000000Z"}, {"uuid": "44ee69bb-3a5d-4871-80be-a26a43fcbf7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46579", "type": "seen", "source": "https://t.me/cvedetector/23820", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46579 - GoldenDB DDE Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46579 \nPublished : April 27, 2025, 2:15 a.m. | 1\u00a0hour, 57\u00a0minutes ago \nDescription : There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through the interface, and when users download and open the affected file, the DDE commands can be executed. \nSeverity: 8.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-27T06:17:33.000000Z"}, {"uuid": "849a7390-7466-4bc8-b789-36f964b4c130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46578", "type": "seen", "source": "https://t.me/cvedetector/23819", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46578 - GoldenDB Database SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46578 \nPublished : April 27, 2025, 2:15 a.m. | 1\u00a0hour, 57\u00a0minutes ago \nDescription : There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit these interfaces to inject commands and extract sensitive database information. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-27T06:17:32.000000Z"}, {"uuid": "05c50aef-d71d-432c-b019-33b348f8cf2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46572", "type": "seen", "source": "https://t.me/cvedetector/24647", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46572 - Auth0 Passport-wsfed-saml2 SAML Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-46572 \nPublished : May 6, 2025, 9:16 p.m. | 59\u00a0minutes ago \nDescription : passport-wsfed-saml2 provides passport strategy for both WS-fed and SAML2 protocol. A vulnerability present starting in version 3.0.5 up to and including version 4.6.3 allows an attacker to impersonate any user in the Auth0 tenant during SAML authentication by crafting a SAMLResponse. This can be done by using a valid SAML object that was signed by the configured IdP. Users are affected specifically when the service provider is using passport-wsfed-saml2 and a valid SAML document signed by the Identity Provider can be obtained. Version 4.6.4 contains a fix for the vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T00:31:23.000000Z"}, {"uuid": "39faf55e-df32-4be7-b680-98bc6df9fccc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46571", "type": "seen", "source": "https://t.me/cvedetector/24476", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46571 - Open WebUI Unauthenticated JavaScript File Upload to Admin RCE\", \n  \"Content\": \"CVE ID : CVE-2025-46571 \nPublished : May 5, 2025, 7:15 p.m. | 20\u00a0minutes ago \nDescription : Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.6, low privileged users can upload HTML files which contain JavaScript code via the `/api/v1/files/` backend endpoint. This endpoint returns a file id, which can be used to open the file in the browser and trigger the JavaScript code in the user's browser. Under the default settings, files uploaded by low-privileged users can only be viewed by admins or themselves, limiting the impact of this vulnerability. A link to such a file can be sent to an admin, and if clicked, will give the low-privileged user complete control over the admin's account, ultimately enabling RCE via functions. Version 0.6.6 contains a fix for the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-05T21:44:12.000000Z"}, {"uuid": "072675d2-650f-465a-a3f7-d93d248bbeba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46575", "type": "seen", "source": "https://t.me/cvedetector/23821", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46575 - GoldenDB Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46575 \nPublished : April 27, 2025, 2:15 a.m. | 1\u00a0hour, 57\u00a0minutes ago \nDescription : There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information. \nSeverity: 4.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-27T06:17:34.000000Z"}, {"uuid": "3202313b-14f4-40ca-97fe-9076d120d338", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46579", "type": "seen", "source": "Telegram/GpkMenJKORMRTyGn__tovnUC1GugUYF1oUM8Jfs6Z_XnWoI", "content": "", "creation_timestamp": "2025-04-27T04:30:49.000000Z"}, {"uuid": "db1447f9-b7cb-4d3d-b650-e3c0c2a8571f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46573", "type": "seen", "source": "https://t.me/cvedetector/24648", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46573 - OpenSAMLPassport-WSFed Impersonation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46573 \nPublished : May 6, 2025, 9:16 p.m. | 59\u00a0minutes ago \nDescription : passport-wsfed-saml2 provides passport strategy for both WS-fed and SAML2 protocol. A vulnerability present starting in version 3.0.5 up to and including version 4.6.3 allows an attacker to impersonate any user during SAML authentication by tampering with a valid SAML response. This can be done by adding attributes to the response. Users are affected specifically when the service provider is using `passport-wsfed-saml2` and a valid SAML Response signed by the Identity Provider can be obtained. Version 4.6.4 contains a fix for the vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-07T00:31:23.000000Z"}]}