{"vulnerability": "CVE-2025-50154", "sightings": [{"uuid": "739cecac-b319-4fce-a5d9-8887696502d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-501547", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0251", "content": "", "creation_timestamp": "2025-08-13T05:25:08.000000Z"}, {"uuid": "7afb64e1-e7a1-4e7b-a9c4-8e15e3aa0b6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/secqube.com/post/3lz3czyo5652e", "content": "", "creation_timestamp": "2025-09-18T02:38:35.697357Z"}, {"uuid": "e25286f3-e32b-4c57-a5ea-39402280add6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lw7udlbtfw25", "content": "", "creation_timestamp": "2025-08-12T17:43:14.885979Z"}, {"uuid": "67c3b2df-95b4-44ec-9055-d9e0de1e4fa6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3lw7uxrrppy2r", "content": "", "creation_timestamp": "2025-08-12T17:54:32.732437Z"}, {"uuid": "0dc30c46-3983-4abd-8e15-77c4e55008c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/115021138181816692", "content": "", "creation_timestamp": "2025-08-13T11:08:06.631928Z"}, {"uuid": "be38c1d1-43c0-43b6-9b33-401bb3eca2e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://www.thezdi.com/blog/2025/8/12/the-august-2025-security-update-review", "content": "", "creation_timestamp": "2025-08-12T16:01:32.000000Z"}, {"uuid": "1cddc051-f7d4-4491-a5e1-83e0a9b609e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-50154", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3lwadsojlmg2p", "content": "", "creation_timestamp": "2025-08-12T22:20:07.753889Z"}, {"uuid": "56255e1b-9902-4a6e-9e3d-e375d0d3f350", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/r-redteamsec.bsky.social/post/3lwajwckkaa2c", "content": "", "creation_timestamp": "2025-08-13T00:09:31.807853Z"}, {"uuid": "8164ab3b-8a87-41d3-b864-04a9bdfffc41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-50154", "type": "seen", "source": "https://infosec.exchange/users/obivan/statuses/115021233509830780", "content": "", "creation_timestamp": "2025-08-13T11:32:20.507112Z"}, {"uuid": "abb430aa-1379-4900-9e09-711bce3d70ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-50154", "type": "seen", "source": "https://bsky.app/profile/obivan.infosec.exchange.ap.brid.gy/post/3lwbq3d7g47a2", "content": "", "creation_timestamp": "2025-08-13T11:34:20.939973Z"}, {"uuid": "50609636-8ffe-4607-8e4b-2048abc1690e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/115026800002667211", "content": "", "creation_timestamp": "2025-08-14T11:07:59.607192Z"}, {"uuid": "a4a6dd57-0365-4a88-9da4-31c28913c9ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/warthogtk.bsky.social/post/3lwcle6hiwm2a", "content": "", "creation_timestamp": "2025-08-13T19:40:30.460595Z"}, {"uuid": "599a41e4-e0ba-4b40-a2bb-68eb48c64593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3lwcmy2zwkm2f", "content": "", "creation_timestamp": "2025-08-13T20:09:31.600146Z"}, {"uuid": "f5fb2433-37b8-4982-b948-1b7e555da8e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/sambowne.infosec.exchange.ap.brid.gy/post/3lwcsgmrolop2", "content": "", "creation_timestamp": "2025-08-13T21:47:41.735478Z"}, {"uuid": "fb31b14f-6bcb-48a2-9de2-511f5b845593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/areyou1or0.com/post/3lwdwnzbzxc2h", "content": "", "creation_timestamp": "2025-08-14T08:35:34.362657Z"}, {"uuid": "9641fcc8-4543-45da-84dd-bbd79ca136be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-50154", "type": "seen", "source": "https://infosec.exchange/users/threatcodex/statuses/115029169415661232", "content": "", "creation_timestamp": "2025-08-14T21:10:32.538524Z"}, {"uuid": "c3069524-ebd9-413b-bc27-675086810cf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/jonmartini.bsky.social/post/3lwunmth7zc2r", "content": "", "creation_timestamp": "2025-08-21T00:09:06.300694Z"}, {"uuid": "d33148f0-9aba-4ff1-ab21-b236c1aece5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-50154", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-305f279e-ca354e96bb83ee0f", "content": "", "creation_timestamp": "2025-08-15T14:13:07.313815Z"}, {"uuid": "0641d67e-c8b6-477d-83a2-e79f25edbfc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwhquyt64u2v", "content": "", "creation_timestamp": "2025-08-15T21:02:43.660645Z"}, {"uuid": "b974d55c-a6ed-46f5-8f2f-dbf958669de5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-50154", "type": "seen", "source": "https://mastodon.social/users/verbrecher/statuses/115035105752310924", "content": "", "creation_timestamp": "2025-08-15T22:20:14.329305Z"}, {"uuid": "8b6898ce-219b-4d6b-8567-7e5bb3496b6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lwrhm2izzj2o", "content": "", "creation_timestamp": "2025-08-19T17:43:16.083490Z"}, {"uuid": "bdfdca34-6f53-4de1-ad33-37b6055566f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lwrp5ghwvy2k", "content": "", "creation_timestamp": "2025-08-19T19:58:15.152541Z"}, {"uuid": "f62f885b-5e65-4362-9eee-bd78bdfd1796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwrsq37qzj2w", "content": "", "creation_timestamp": "2025-08-19T21:02:36.616520Z"}, {"uuid": "e80c3b44-818c-49c9-a0cf-179a22c57410", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/netalexx.bsky.social/post/3lwru4eqcwc22", "content": "", "creation_timestamp": "2025-08-19T21:27:09.531947Z"}, {"uuid": "2b1648bf-ef20-4c14-93c9-c5655da0a6a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lwsbljjdcu2w", "content": "", "creation_timestamp": "2025-08-20T01:28:16.319468Z"}, {"uuid": "f687147c-884a-4164-95b9-9dda312dcac7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-964/", "content": "", "creation_timestamp": "2025-10-27T04:00:00.000000Z"}, {"uuid": "25782ded-4389-42e5-a0a9-89639d768c29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-50154", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3m3gmndell62v", "content": "", "creation_timestamp": "2025-10-18T01:20:08.312357Z"}, {"uuid": "6de82343-c310-4a05-a697-7573292a12b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://gist.github.com/Darkcrai86/0d0a4c09252702ac5a82fd306980ad01", "content": "", "creation_timestamp": "2025-09-04T11:25:43.000000Z"}, {"uuid": "4e1f5301-2bee-4306-b178-95f3cd8acba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/574", "content": "Top Security News for Today\n\nNew Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises  \nhttps://www.trendmicro.com/en_us/research/25/h/new-ransomware-charon.html\n\nThe \u201cIncriminating Video\u201d Scam  \nhttps://www.schneier.com/blog/archives/2025/08/the-incriminating-video-scam.html\n\nSecond ransomware attack in two months disrupts South Korean ticketing giant  \nhttps://therecord.media/yes24-second-ransomware-attack-kpop-ticketing-affected\n\nTwo Pwnie Awards, One Crucial Lesson: What Our OpenSSH Research Reveals About Cyber Defense in 2025  \nhttps://blog.qualys.com/qualys-insights/2025/08/12/two-pwnie-awards-one-crucial-lesson-what-our-openssh-research-reveals-about-cyber-defense-in-2025\n\nNew Charon ransomware targets Middle East public sector, aviation firms  \nhttps://therecord.media/charon-ransomware-targeting-middle-east-aviation\n\nDEF CON volunteers step up to help water sector after China, Iran attack utilities  \nhttps://therecord.media/def-con-franklin-water-utility-cybersecurity-volunteers\n\nDow\u2019s 125-year legacy: Innovating with AI to secure a long future  \nhttps://www.microsoft.com/en-us/security/blog/2025/08/12/dows-125-year-legacy-innovating-with-ai-to-secure-a-long-future/\n\nZero Click, One NTLM: Microsoft Security Patch Bypass (CVE-2025-50154)  \nhttps://www.reddit.com/r/netsec/comments/1mof7r5/zero_click_one_ntlm_microsoft_security_patch/\n\nMicrosoft and Adobe Patch Tuesday, August 2025 Security Update Review  \nhttps://blog.qualys.com/vulnerabilities-threat-research/2025/08/12/microsoft-and-adobe-patch-tuesday-august-2025-security-update-review\n\nMicrosoft Patch Tuesday, August 2025 Edition  \nhttps://krebsonsecurity.com/2025/08/microsoft-patch-tuesday-august-2025-edition/\n\nFollow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2025-08-13T09:30:21.000000Z"}, {"uuid": "8be416ee-89cd-4aeb-af53-198595b12882", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://bsky.app/profile/opswat.bsky.social/post/3meoqfklff52n", "content": "", "creation_timestamp": "2026-02-12T19:35:27.256776Z"}, {"uuid": "15b98409-d3f7-4cc1-ac00-ed0cfea5f1ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "published-proof-of-concept", "source": "Telegram/AkekwbTcW4b862-Wz-kCwCfO2hNT9DPvWjvTmkScRkmOVGo", "content": "", "creation_timestamp": "2025-08-14T21:30:50.000000Z"}, {"uuid": "c7ab3c34-c38f-463d-acc4-22b7da941b3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "published-proof-of-concept", "source": "Telegram/qP4ATtXqVjZ2NQNBpFxFUpCqNtRkP8nG37QRNXEozXO3oQg", "content": "", "creation_timestamp": "2025-08-13T11:00:09.000000Z"}, {"uuid": "205e784d-9874-4c7a-9439-5a028681ad56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "Telegram/TR26JPamabQCPfOhS5veNYgHqPNnBfJVv8qfNoaiAk_lOA", "content": "", "creation_timestamp": "2025-08-18T17:36:33.000000Z"}, {"uuid": "d665fd98-e5c6-4346-b6d4-53c451903150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "Telegram/OkdNTIJRF9Ug_BmS0lK_g7aTeYfTunvdBTP79vgb90uLPQ", "content": "", "creation_timestamp": "2025-08-18T17:36:34.000000Z"}, {"uuid": "cad42ab4-75c3-4d76-99a3-d304f239dae8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/47550", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aPOC for CVE-2025-50154, a Zero Day Vulnerability Leaking NTLM Challenge in 0 Click. It is a bypass for the CVE-2025-24054 Security Patch\nURL\uff1ahttps://github.com/rubenformation/CVE-2025-50154\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-08-13T08:43:26.000000Z"}, {"uuid": "7c7c123d-0829-45f1-858b-be841516db91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://t.me/P0x3k_1N73LL1G3NC3/153", "content": "Zero Click, One NTLM: Microsoft Security Patch Bypass (CVE-2025-50154)\n\nCVE-2025-50154 allows an attacker to extract NTLM hashes without any user interaction, even on fully patched systems. By exploiting a subtle gap left in the mitigation, an attacker can trigger NTLM authentication requests automatically, enabling offline cracking or relay attacks to gain unauthorized access.", "creation_timestamp": "2025-08-13T08:58:46.000000Z"}, {"uuid": "e4f4048d-89f7-4087-a1aa-8a1a184c87c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "seen", "source": "https://t.me/GhostHeck/191", "content": "Zero Click, One NTLM: Microsoft Security Patch Bypass (CVE-2025-50154)\n\nCVE-2025-50154 allows an attacker to extract NTLM hashes without any user interaction, even on fully patched systems. By exploiting a subtle gap left in the mitigation, an attacker can trigger NTLM authentication requests automatically, enabling offline cracking or relay attacks to gain unauthorized access.", "creation_timestamp": "2025-08-14T05:34:45.000000Z"}, {"uuid": "181556d7-cf5d-4041-a721-054e70025ad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50154", "type": "published-proof-of-concept", "source": "Telegram/0ZbDi1BEJ5MKsJqfuMVHwXbByqnv1-nFI5hW5HW2uwELHB4", "content": "", "creation_timestamp": "2025-08-13T15:00:06.000000Z"}]}