{"vulnerability": "CVE-2025-49215", "sightings": [{"uuid": "71228d92-2ef7-4896-8381-65a8044975c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49215", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-372/", "content": "", "creation_timestamp": "2025-06-11T03:00:00.000000Z"}, {"uuid": "c549c49a-80eb-4d75-a4ad-23c08073af3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49215", "type": "seen", "source": "https://social.circl.lu/users/circl/statuses/114703461238347688", "content": "", "creation_timestamp": "2025-06-18T08:38:41.134466Z"}, {"uuid": "06410ea4-c384-4ddc-8985-783017de0571", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49215", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrtt3jhcp42u", "content": "", "creation_timestamp": "2025-06-18T01:08:07.932925Z"}, {"uuid": "991b1315-e364-4d78-9397-75144f42a4da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49215", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18756", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49215\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. \n\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.\n\ud83d\udccf Published: 2025-06-17T20:28:00.564Z\n\ud83d\udccf Modified: 2025-06-18T14:11:36.236Z\n\ud83d\udd17 References:\n1. https://success.trendmicro.com/en-US/solution/KA-0019928\n2. https://www.zerodayinitiative.com/advisories/ZDI-25-372/", "creation_timestamp": "2025-06-18T14:42:03.000000Z"}, {"uuid": "2a00160d-8060-4709-9402-f9a0a422ff57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49215", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18686", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49218\n\ud83d\udd25 CVSS Score: 7.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:H)\n\ud83d\udd39 Description: A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. This is similar to, but not identical to CVE-2025-49215.\n\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.\n\ud83d\udccf Published: 2025-06-17T20:28:22.211Z\n\ud83d\udccf Modified: 2025-06-18T03:56:12.865Z\n\ud83d\udd17 References:\n1. https://success.trendmicro.com/en-US/solution/KA-0019928\n2. https://www.zerodayinitiative.com/advisories/ZDI-25-375/", "creation_timestamp": "2025-06-18T04:39:50.000000Z"}]}