{"vulnerability": "CVE-2025-5288", "sightings": [{"uuid": "d4cfa129-1cc0-40d8-af81-1b5fce42825c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52886", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/37", "content": "", "creation_timestamp": "2025-07-12T09:06:00.000000Z"}, {"uuid": "bffc5b07-ec88-44af-a1f5-bb2ba652cf10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52887", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsjtasjsuw2u", "content": "", "creation_timestamp": "2025-06-26T19:09:38.698335Z"}, {"uuid": "6a073f86-1f95-4ffc-9c61-dcea09fbe61b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q4/138", "content": "", "creation_timestamp": "2025-11-05T08:57:06.000000Z"}, {"uuid": "a890be32-df77-43ed-9c24-8d250aa6d85c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52886", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ltrbnngwnx2h", "content": "", "creation_timestamp": "2025-07-12T11:41:11.901831Z"}, {"uuid": "4aef1842-144e-4bac-bc45-3afde9540d27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5288", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrhnonfwpx2u", "content": "", "creation_timestamp": "2025-06-13T04:59:29.700268Z"}, {"uuid": "cb0d7be2-6fdd-4d0e-865a-d0ad3d654cc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52886", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ltpyd2svfa2m", "content": "", "creation_timestamp": "2025-07-11T23:21:33.315791Z"}, {"uuid": "58b4537e-605b-4f58-866c-ef52f9cad3c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52882", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsf4ntyp4n2u", "content": "", "creation_timestamp": "2025-06-24T22:14:41.568983Z"}, {"uuid": "7b324b5b-4d81-45c3-9649-1b87580710cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52880", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsf4sdfiyv2s", "content": "", "creation_timestamp": "2025-06-24T22:17:11.807064Z"}, {"uuid": "1b392cab-0099-46f0-ac01-619bd0f949e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52884", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsf4x7qzc72m", "content": "", "creation_timestamp": "2025-06-24T22:19:55.887357Z"}, {"uuid": "006a4f69-664d-4fe3-9cf0-0762190a3b1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52888", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsf5qxgm7c2o", "content": "", "creation_timestamp": "2025-06-24T22:34:19.496045Z"}, {"uuid": "f5a57948-57b6-4f30-a8c0-24eb198031a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52883", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsf5zvtylg2a", "content": "", "creation_timestamp": "2025-06-24T22:39:19.781991Z"}, {"uuid": "aaad9335-0647-4906-a7be-d90616ca5db0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52885", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q4/27", "content": "", "creation_timestamp": "2025-10-13T19:35:30.000000Z"}, {"uuid": "593b33d9-2542-4cd9-a717-224531b703bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3m4uu364gd32h", "content": "", "creation_timestamp": "2025-11-05T10:35:36.924809Z"}, {"uuid": "b2be8ffe-eb58-44c3-9a6a-f54118ac74b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52886", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsypw5eymy2m", "content": "", "creation_timestamp": "2025-07-02T17:19:56.346016Z"}, {"uuid": "3ab30d07-7e31-427a-add6-652036247632", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52886", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/36", "content": "", "creation_timestamp": "2025-07-11T21:03:43.000000Z"}, {"uuid": "30e69931-785b-4b72-a167-c4e2e5363c2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3m5jzkgfbhh2b", "content": "", "creation_timestamp": "2025-11-13T20:39:32.565651Z"}, {"uuid": "d01843ad-7981-409a-9ae2-8fc39ecbd8fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/lobsters-feed.bsky.social/post/3m4vk4i6c3e2n", "content": "", "creation_timestamp": "2025-11-05T17:10:04.667458Z"}, {"uuid": "2fb04630-b200-48a4-b185-28ab4590168d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52886", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lv2ysu7hak2q", "content": "", "creation_timestamp": "2025-07-29T01:54:52.441955Z"}, {"uuid": "900588fa-ff50-469c-a840-5e10ba1c6868", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/crowdcyber.bsky.social/post/3m4zhddekwl2v", "content": "", "creation_timestamp": "2025-11-07T06:30:51.486092Z"}, {"uuid": "4c201004-7eb4-4f80-ab76-2e2e1003bcf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52886", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lvsysfggkc2y", "content": "", "creation_timestamp": "2025-08-07T14:58:34.022541Z"}, {"uuid": "a68af6de-777a-4e6a-b896-cbe6a382c3dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-52881", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m4yzvkz3ung2", "content": "", "creation_timestamp": "2025-11-07T02:30:48.649271Z"}, {"uuid": "a2e0a150-02a3-42b1-b55b-a5b0b422c381", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://mstdn.social/users/jschauma/statuses/115497683553103053", "content": "", "creation_timestamp": "2025-11-05T14:59:52.450199Z"}, {"uuid": "89c30d9d-9fd2-45ad-a6c0-3b4e7e3cbfe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3m57n3r3lqk2m", "content": "", "creation_timestamp": "2025-11-09T17:29:58.889163Z"}, {"uuid": "f7d5c259-006f-42f6-af73-092a14ef161d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3m4zlknnvfo2s", "content": "", "creation_timestamp": "2025-11-07T07:46:31.998036Z"}, {"uuid": "f5a49339-1d81-4df3-a178-3583acd63877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/technews4869.bsky.social/post/3m5kru4n4r52k", "content": "", "creation_timestamp": "2025-11-14T03:54:27.481961Z"}, {"uuid": "ddf8f4a2-0150-4bb8-9f4d-3a9d2fe8aec3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3m4vmtpvavbw2", "content": "", "creation_timestamp": "2025-11-05T17:58:55.289864Z"}, {"uuid": "74e262d9-d550-4c6e-8e47-5eae0f812c66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3m5rvwzdn3c2o", "content": "", "creation_timestamp": "2025-11-16T23:56:21.426226Z"}, {"uuid": "f836228e-2fac-4a35-8971-e8deaedbbdb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52889", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lvyc46x65k2r", "content": "", "creation_timestamp": "2025-08-09T17:28:24.877491Z"}, {"uuid": "95ccc970-65b9-4b70-91ba-79e12a90e308", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3m5dhjbsrlq2m", "content": "", "creation_timestamp": "2025-11-11T06:00:48.063120Z"}, {"uuid": "5ff2fb4a-62c1-4b15-bc12-bc2db645d7c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3m54r4q6bn225", "content": "", "creation_timestamp": "2025-11-08T14:04:06.764999Z"}, {"uuid": "f4b3dbed-06e0-4d85-8701-74fd455bf4e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/topickapp.bsky.social/post/3m5frftmbca22", "content": "", "creation_timestamp": "2025-11-12T04:03:09.269968Z"}, {"uuid": "c4859169-1f7c-42ab-a3d5-49911ca7605e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3m4w4idjgus22", "content": "", "creation_timestamp": "2025-11-05T22:38:49.469916Z"}, {"uuid": "c8e7877b-a638-4220-8b8b-52d6b291652f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3m4wkasrf2k2t", "content": "", "creation_timestamp": "2025-11-06T02:45:09.360325Z"}, {"uuid": "39d60ac6-fd4e-4f89-af0f-f7dd5cbd10ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://schleuss.online/users/vulnbot/statuses/115508745643459318", "content": "", "creation_timestamp": "2025-11-07T13:53:07.015786Z"}, {"uuid": "ae45b3df-7f3c-4863-8e9d-ac0b05e3b937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3m5akqvnh3k2o", "content": "", "creation_timestamp": "2025-11-10T02:20:45.963865Z"}, {"uuid": "67eeac6e-449b-44ae-aba8-446d0cce9c37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52885", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m4xd2ufeyz2z", "content": "", "creation_timestamp": "2025-11-06T10:09:12.351654Z"}, {"uuid": "42458a60-7db6-4d12-8e72-6820e17c501b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://schleuss.online/users/vulnbot/statuses/115509020963066977", "content": "", "creation_timestamp": "2025-11-07T15:03:08.605255Z"}, {"uuid": "027f11fb-d607-4e5f-a553-6fd120648832", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52885", "type": "seen", "source": "https://gist.github.com/Darkcrai86/6592abf9e437de168039f26a5ff47fc2", "content": "", "creation_timestamp": "2025-11-06T09:52:06.000000Z"}, {"uuid": "6527c7b3-04ef-4030-9fe4-9f817a1cd8cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3m52gkem42z2y", "content": "", "creation_timestamp": "2025-11-07T15:49:33.007204Z"}, {"uuid": "f2815ce8-99ed-47de-91bf-f88dcf2f7c03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/115530729480225730", "content": "", "creation_timestamp": "2025-11-11T11:03:52.811083Z"}, {"uuid": "4b2b6e6e-c93a-4132-aa07-f955b74be694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52885", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3m4xd2uj33y2k", "content": "", "creation_timestamp": "2025-11-06T10:09:12.932241Z"}, {"uuid": "7c3d76ef-332a-463b-9b83-2ccf0107677c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52885", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3m4xd3juq5px2", "content": "", "creation_timestamp": "2025-11-06T10:10:20.772196Z"}, {"uuid": "40061736-8edc-40f6-a8a0-58dad410d546", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52885", "type": "seen", "source": "https://gist.github.com/EbonJaeger/99dd58f015b229c6f25edb5dae784966", "content": "", "creation_timestamp": "2025-10-17T17:52:23.000000Z"}, {"uuid": "dfacb2fb-584b-4135-ae73-5b24808f1ef0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://gist.github.com/EbonJaeger/f7d172d49605e41a6829980152c0f6d1", "content": "", "creation_timestamp": "2025-11-07T20:31:33.000000Z"}, {"uuid": "daeb1024-2aed-48cb-901b-bec5d00bd760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52882", "type": "seen", "source": "https://bsky.app/profile/cyberresearch.bsky.social/post/3lzjanqeovj2w", "content": "", "creation_timestamp": "2025-09-23T15:33:13.109933Z"}, {"uuid": "9168fc55-0b3c-4b56-a267-e367e148c939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q4/161", "content": "", "creation_timestamp": "2025-11-07T16:16:11.000000Z"}, {"uuid": "2ef4a09b-fc9f-4175-8b35-a5ef0e6abfcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/flatcar.org/post/3m5h5s6cknc24", "content": "", "creation_timestamp": "2025-11-12T17:17:35.716666Z"}, {"uuid": "8a2417c2-f5c1-421b-a73b-33f85534c405", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/flatcar.org/post/3m5h5s6azss24", "content": "", "creation_timestamp": "2025-11-12T17:17:32.564384Z"}, {"uuid": "e5126266-6681-45e2-b7c4-0a2631553e41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/flatcar.org/post/3m5h5s6by3k24", "content": "", "creation_timestamp": "2025-11-12T17:17:33.195495Z"}, {"uuid": "35539a2c-5a37-4abf-85d4-b8201800a647", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/flatcar.org/post/3m5h5s6cfr224", "content": "", "creation_timestamp": "2025-11-12T17:17:35.063283Z"}, {"uuid": "c69a5c5b-5c7e-4b89-a9b5-1826eb78c874", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q4/155", "content": "", "creation_timestamp": "2025-11-06T16:48:32.000000Z"}, {"uuid": "0cdb68d2-be33-44b2-87d5-1e9063fdc098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/flatcar.org/post/3m5h5s6c7vk24", "content": "", "creation_timestamp": "2025-11-12T17:17:33.854410Z"}, {"uuid": "e8279070-0508-4224-a106-ed717671262f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/flatcar.org/post/3m5h5s6cctc24", "content": "", "creation_timestamp": "2025-11-12T17:17:34.454871Z"}, {"uuid": "7b41aeb7-6501-4ed7-927b-1aa697c9ced7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/tech-trending.bsky.social/post/3m5ehpotboz2n", "content": "", "creation_timestamp": "2025-11-11T15:37:03.478373Z"}, {"uuid": "f8bdd5b3-f5c1-4d8d-b098-bd85451a0d99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3m53huj3yzn52", "content": "", "creation_timestamp": "2025-11-08T01:45:49.355248Z"}, {"uuid": "c492f33b-b0e2-4564-a7e1-1145116c6068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3m4y7nkxdan2o", "content": "", "creation_timestamp": "2025-11-06T18:40:44.924063Z"}, {"uuid": "5c25db28-482b-47c3-8813-d571522b59a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3m54cfnvlwc25", "content": "", "creation_timestamp": "2025-11-08T09:40:40.437235Z"}, {"uuid": "878fef14-7b4b-43ad-aabd-0c3eb400c272", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3m4yeeozlcj25", "content": "", "creation_timestamp": "2025-11-06T20:05:15.786774Z"}, {"uuid": "054e9154-0dbf-49c3-b55e-69395f39aed0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/alexpulver.bsky.social/post/3m7kyzwfzsm2e", "content": "", "creation_timestamp": "2025-12-09T16:53:21.826321Z"}, {"uuid": "2f81297c-8aa7-4c16-a22d-c45aa01af2fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52885", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3m347eje37e2l", "content": "", "creation_timestamp": "2025-10-13T21:55:56.558380Z"}, {"uuid": "d8d3d369-d72f-409b-a1dd-b7735e38b422", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3m5bld6w7x6l2", "content": "", "creation_timestamp": "2025-11-10T12:04:59.751428Z"}, {"uuid": "096e4f17-ec97-4518-a64d-fc000c4ffdf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52882", "type": "seen", "source": "https://gist.github.com/curphey/4de77ee29a83eda55e07bf1df9116386", "content": "", "creation_timestamp": "2026-01-30T08:50:31.000000Z"}, {"uuid": "471f3719-e752-4b15-8424-0369c2368caf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-52882", "type": "seen", "source": "https://gist.github.com/diffshare/fee6425351a21a8cc164c3eab9883f16", "content": "", "creation_timestamp": "2025-12-28T00:20:34.000000Z"}, {"uuid": "546a07cc-29a7-406a-bd82-2552a7c6b7fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5288", "type": "seen", "source": "Telegram/WBc0346lxsSfiAH0b6wKcies2fExx1ZL239jBBtxXzUHCwY", "content": "", "creation_timestamp": "2025-06-13T09:28:45.000000Z"}, {"uuid": "91fbc620-b993-4186-8e4f-1275563e2660", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5288", "type": "published-proof-of-concept", "source": "Telegram/hEZhhRBlhjKOjzwPb5HHEyoDQiQ0INtqUOihmQN35WCeNGE", "content": "", "creation_timestamp": "2025-06-13T03:00:05.000000Z"}, {"uuid": "1dda443e-3b18-47da-a23b-573057797dcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5288", "type": "published-proof-of-concept", "source": "Telegram/Oo2zhIfP-OFNa4iwJhTy1S1RKU7Yywidh5cTc6SqGI-jhg4", "content": "", "creation_timestamp": "2025-06-14T03:00:06.000000Z"}, {"uuid": "aad0f92e-b2ca-4577-87b8-01a767bb0ed4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52886", "type": "seen", "source": "https://github.blog/security/vulnerability-research/bugs-that-survive-the-heat-of-continuous-fuzzing/", "content": "", "creation_timestamp": "2025-12-29T21:01:14.000000Z"}, {"uuid": "8c6de48e-2c5f-4785-ba3e-0348eb7f385f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "e5dfd475-b269-489e-bf91-5c14001baaf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://gist.github.com/calenwalshe/e60488e3998fd3d2e527c4af1317edbc", "content": "", "creation_timestamp": "2026-04-15T04:32:14.000000Z"}, {"uuid": "e2129edd-0afc-4e5f-91b2-3fa12b623a09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://t.me/information_security_channel/54431", "content": "Runc Vulnerabilities Can Be Exploited to Escape Containers\nhttps://www.securityweek.com/runc-vulnerabilities-can-be-exploited-to-escape-containers/\n\nThe flaws tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881 have been patched.\nThe post Runc Vulnerabilities Can Be Exploited to Escape Containers (https://www.securityweek.com/runc-vulnerabilities-can-be-exploited-to-escape-containers/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2025-11-10T16:54:08.000000Z"}, {"uuid": "63833684-4f47-410e-90a9-5cb04933ab6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://t.me/GithubRedTeam/59132", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aDEPRECATED See CVE-2025-31133, CVE-2025-52565, CVE-2025-52881\nURL\uff1ahttps://github.com/omne-earth/arca\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-11-10T15:28:52.000000Z"}, {"uuid": "0653b7be-a80c-4c61-80e4-2e724d0f5b8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "published-proof-of-concept", "source": "Telegram/sh_Wj4yVZfYZ8SMMOaybmV9yApMn3mNDIaTU298AM_pVdB8", "content": "", "creation_timestamp": "2025-11-11T21:00:05.000000Z"}, {"uuid": "7c57c24b-cabe-4763-8e9c-53aa716bea43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52889", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19498", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52889\n\ud83d\udd25 CVSS Score: 3.4 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L)\n\ud83d\udd39 Description: Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services (DHCP, DNS...) that partially bypass security options `security.mac_filtering`, `security.ipv4_filtering` and `security.ipv6_filtering`. This can lead to DHCP pool exhaustion and opens the door for other attacks. A patch is available at commit 2516fb19ad8428454cb4edfe70c0a5f0dc1da214.\n\ud83d\udccf Published: 2025-06-25T16:49:00.442Z\n\ud83d\udccf Modified: 2025-06-25T16:49:00.442Z\n\ud83d\udd17 References:\n1. https://github.com/lxc/incus/security/advisories/GHSA-9q7c-qmhm-jv86\n2. https://github.com/lxc/incus/commit/2516fb19ad8428454cb4edfe70c0a5f0dc1da214\n3. https://github.com/lxc/incus/commit/a7c33301738aede3c035063e973b1d885d9bac7c", "creation_timestamp": "2025-06-25T18:06:29.000000Z"}, {"uuid": "9ae31202-8202-448c-a0ac-325b6d0bf3e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52887", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19610", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52887\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. In version 0.21.0, when many http headers fields are passed in, the library does not limit the number of headers, and the memory associated with the headers will not be released when the connection is disconnected. This leads to potential exhaustion of system memory and results in a server crash or unresponsiveness. Version 0.22.0 contains a patch for the issue.\n\ud83d\udccf Published: 2025-06-26T14:31:52.092Z\n\ud83d\udccf Modified: 2025-06-26T14:31:52.092Z\n\ud83d\udd17 References:\n1. https://github.com/yhirose/cpp-httplib/security/advisories/GHSA-xjhg-gf59-p92h\n2. https://github.com/yhirose/cpp-httplib/commit/28dcf379e82a2cdb544d812696a7fd46067eb7f9", "creation_timestamp": "2025-06-26T14:52:00.000000Z"}, {"uuid": "9a19ccae-e2ce-437e-ad4d-89aeee48ba33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5288", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18255", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-5288\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The REST API | Custom API Generator For Cross Platform And Import Export In WP plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the process_handler() function in versions 1.0.0 to 2.0.3. This makes it possible for unauthenticated attackers to POST an arbitrary import_api URL, import specially crafted JSON, and thereby create a new user with full Administrator privileges.\n\ud83d\udccf Published: 2025-06-13T01:47:46.475Z\n\ud83d\udccf Modified: 2025-06-13T01:47:46.475Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/0e2774fc-f028-436c-a8af-3c17378b9743?source=cve\n2. https://plugins.trac.wordpress.org/browser/import-export-with-custom-rest-api/tags/2.0.3/backend/methods/wot-rapi-import-functions.php#L123\n3. https://wordpress.org/plugins/import-export-with-custom-rest-api/#developers", "creation_timestamp": "2025-06-13T02:34:13.000000Z"}, {"uuid": "9839e595-5ea6-487e-97ac-7769aecd6090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52883", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19398", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52883\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Meshtastic-Android is an Android application for the mesh radio software Meshtastic. Prior to version 2.5.21, an attacker is able to send an unencrypted direct message to a victim impersonating any other node of the mesh. This message will be displayed in the same chat that the victim normally communicates with the other node and it will appear as using PKC, while it is not. This means that the victim will be provided with a false sense of security due to the green padlock displayed when using PKC and they'll read the attacker's message as legitimate. Version 2.5.21 contains a patch for the issue. It is suggested to implement a stricter control on whether a message has been received using PKC or using the shared Meshtastic channel key. Moreover, instead of showing no green padlock icon in the chat with no PKC, consider using an explicit indicator like, for example, the yellow half-open padlock displayed when in HAM mode. This remediation, however, applies to the client applications rather than the Meshtastic firmware.\n\ud83d\udccf Published: 2025-06-24T20:12:59.904Z\n\ud83d\udccf Modified: 2025-06-24T20:12:59.904Z\n\ud83d\udd17 References:\n1. https://github.com/meshtastic/Meshtastic-Android/security/advisories/GHSA-h4rg-g6f3-ghh7\n2. https://github.com/meshtastic/Meshtastic-Android/pull/1720", "creation_timestamp": "2025-06-24T20:47:49.000000Z"}, {"uuid": "48704f23-4f07-4c0c-b8ba-ae56a4185166", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52880", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19400", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52880\n\ud83d\udd25 CVSS Score: 4.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: Komga is a media server for comics, mangas, BDs, magazines and eBooks. A Cross-Site Scripting (XSS) vulnerability has been discovered in versions 1.8.0 through 1.21.3 when serving EPUB resources, either directly from the API, or when reading using the epub reader. The vulnerability lets an attacker perform actions on the victim's behalf. When targeting an admin user, this can be combined with controlling a server-side command to achieve arbitrary code execution. For this vulnerability to be exploited, a malicious EPUB file has to be present in a Komga library, and subsequently accessed in the Epub reader by an admin user. Version 1.22.0 contains a patch for the issue.\n\ud83d\udccf Published: 2025-06-24T19:56:12.692Z\n\ud83d\udccf Modified: 2025-06-24T20:09:48.364Z\n\ud83d\udd17 References:\n1. https://github.com/gotson/komga/security/advisories/GHSA-m7mm-6jxp-2m4x\n2. https://github.com/gotson/komga/commit/5f9cc449b7846ed2066752c72c9ce7b20c3a85a7", "creation_timestamp": "2025-06-24T20:47:54.000000Z"}, {"uuid": "d12cd29b-abb3-48a5-ab82-b647a8dcb9de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52884", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19397", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52884\n\ud83d\udd25 CVSS Score: 1.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U)\n\ud83d\udd39 Description: RISC Zero is a zero-knowledge verifiable general computing platform, with Ethereum integration. The risc0-ethereum repository contains Solidity verifier contracts, Steel EVM view call library, and supporting code. Prior to versions 2.1.1 and 2.2.0, the `Steel.validateCommitment` Solidity library function will return `true` for a crafted commitment with a digest value of zero. This violates the semantics of `validateCommitment`, as this does not commitment to a block that is in the current chain. Because the digest is zero, it does not correspond to any block and there exist no known openings. As a result, this commitment will never be produced by a correct zkVM guest using Steel and leveraging this bug to compromise the soundness of a program using Steel would require a separate bug or misuse of the Steel library, which is expected to be used to validate the root of state opening proofs. A fix has been released as part of `risc0-ethereum` 2.1.1 and 2.2.0. Users for the `Steel` Solidity library versions 2.1.0 or earlier should ensure they are using `Steel.validateCommitment` in tandem with zkVM proof verification of a Steel program, as shown in the ERC-20 counter example, and documentation. This is the correct usage of Steel, and users following this pattern are not at risk, and do not need to take action. Users not verifying a zkVM proof of a Steel program should update their application to do so, as this is incorrect usage of Steel.\n\ud83d\udccf Published: 2025-06-24T20:20:17.287Z\n\ud83d\udccf Modified: 2025-06-24T20:20:17.287Z\n\ud83d\udd17 References:\n1. https://github.com/risc0/risc0-ethereum/security/advisories/GHSA-gjv3-89hh-9xq2\n2. https://github.com/risc0/risc0-ethereum/pull/605\n3. https://github.com/risc0/risc0-ethereum/commit/3bbac859c7132b21ba5fdf2d47f1dd52e7e73d98\n4. https://docs.beboundless.xyz/developers/steel/how-it-works#verifying-the-proof-onchain\n5. https://github.com/risc0/risc0-ethereum/blob/ff0cb9253a87945b653b825711b8b5075f8b7545/examples/erc20-counter/contracts/src/Counter.sol#L56-L63\n6. https://github.com/risc0/risc0-ethereum/releases/tag/v2.1.1\n7. https://github.com/risc0/risc0-ethereum/releases/tag/v2.2.0", "creation_timestamp": "2025-06-24T20:47:48.000000Z"}, {"uuid": "740ab868-5e32-4004-aa17-6e619860fbe7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52882", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19405", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52882\n\ud83d\udd25 CVSS Score: 8.8 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N)\n\ud83d\udd39 Description: Claude Code is an agentic coding tool. Claude Code extensions in VSCode and forks (e.g., Cursor, Windsurf, and VSCodium) and JetBrains IDEs (e.g., IntelliJ, Pycharm, and Android Studio) are vulnerable to unauthorized websocket connections from an attacker when visiting attacker-controlled webpages. Claude Code for VSCode IDE extensions versions 0.2.116 through 1.0.23 are vulnerable. For Jetbrains IDE plugins, Claude Code [beta] versions 0.1.1 through 0.1.8 are vulnerable. In VSCode (and forks), exploitation would allow an attacker to read arbitrary files, see the list of files open in the IDE, get selection and diagnostics events from the IDE, or execute code in limited situations where a user has an open Jupyter Notebook and accepts a malicious prompt. In JetBrains IDEs, an attacker could get selection events, a list of open files, and a list of syntax errors. Claude released a patch for this issue on June 13th, 2025. Although Claude Code auto-updates when a user launch it and auto-updates the extensions, users should take the following steps, though the exact steps depend on one's integrated development environment (IDE). For VSCode, Cursor, Windsurf, VSCodium, and other VSCode forks, check the extension Claude Code for VSCode. Open the list of Extensions (View-&gt;Extensions), look for Claude Code for VSCode among installed extensions, update or uninstall any version prior to 1.0.24, and restart the IDE. For JetBrains IDEs including IntelliJ, PyCharm, and Android Studio, check the plugin Claude Code [Beta]. Open the Plugins list, look for Claude Code [Beta] among installed extensions, update or uninstall any version prior to 0.1.9, and restart the IDE.\n\ud83d\udccf Published: 2025-06-24T20:01:49.595Z\n\ud83d\udccf Modified: 2025-06-24T20:01:49.595Z\n\ud83d\udd17 References:\n1. https://github.com/anthropics/claude-code/security/advisories/GHSA-9f65-56v6-gxw7", "creation_timestamp": "2025-06-24T20:48:02.000000Z"}, {"uuid": "868399d8-a759-4ef6-a671-aa00861cdf32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52888", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19409", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52888\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Allure 2 is the version 2.x branch of Allure Report, a multi-language test reporting tool. A critical XML External Entity (XXE) vulnerability exists in the xunit-xml-plugin used by Allure 2 prior to version 2.34.1. The plugin fails to securely configure the XML parser (`DocumentBuilderFactory`) and allows external entity expansion when processing test result .xml files. This allows attackers to read arbitrary files from the file system and potentially trigger server-side request forgery (SSRF). Version 2.34.1 contains a patch for the issue.\n\ud83d\udccf Published: 2025-06-24T19:45:22.854Z\n\ud83d\udccf Modified: 2025-06-24T19:56:50.479Z\n\ud83d\udd17 References:\n1. https://github.com/allure-framework/allure2/security/advisories/GHSA-h7qf-qmf3-85qg\n2. https://github.com/allure-framework/allure2/commit/cbcb33719851ff70adce85d38e15d20fc58d4eb7", "creation_timestamp": "2025-06-24T20:48:09.000000Z"}, {"uuid": "a6eb02dd-cfe3-4416-92db-3caa8ca20330", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52881", "type": "seen", "source": "https://bsky.app/profile/unraid.net/post/3mkocnold3a2s", "content": "Security first. \ud83d\udee1\ufe0f\n\nUnraid 7.3.0-rc.1 brings a major security-forward reason to upgrade your test servers.\n\nPatched:\n\ud83d\udd12 Docker 29.3.1 runc fixes (CVE-2025-31133, CVE-2025-52565, CVE-2025-52881)\n\ud83d\udd12 bind updated for outstanding CVEs\n\nPlus: AMD XDNA support &amp; QEMU 10.2.2!", "creation_timestamp": "2026-04-30T00:00:36.144736Z"}]}