{"vulnerability": "CVE-2025-5309", "sightings": [{"uuid": "a883d638-a027-406f-a81f-bd7caafb2d1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "seen", "source": "https://threatintel.cc/2025/06/19/beyondtrust-warns-of-preauth-rce.html", "content": "", "creation_timestamp": "2025-06-19T12:09:54.000000Z"}, {"uuid": "85e46b60-c607-4b79-869c-96026e5b3bc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114693973746411987", "content": "", "creation_timestamp": "2025-06-16T16:25:53.879872Z"}, {"uuid": "a116da43-1e0f-4026-9578-90d0d840aff2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "seen", "source": "https://bsky.app/profile/thenerdy.one/post/3lrqjhzjqgs22", "content": "", "creation_timestamp": "2025-06-16T17:38:11.702314Z"}, {"uuid": "803a5a38-197a-4cff-ab53-08bdc68a0771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53094", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114772686123078662", "content": "", "creation_timestamp": "2025-06-30T14:03:28.380129Z"}, {"uuid": "b8aaf4fa-798b-4c31-b944-27b706b88555", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrqpk5t5lk2r", "content": "", "creation_timestamp": "2025-06-16T19:26:44.196965Z"}, {"uuid": "83d458ae-1bc7-425e-a1d8-3fb4a0bf2a95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-5309", "type": "seen", "source": "https://infosec.exchange/users/defendopsdiaries/statuses/114703860746418555", "content": "", "creation_timestamp": "2025-06-18T10:20:16.299292Z"}, {"uuid": "71960aa4-2a21-43a5-a0c3-6d45db8063e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lrus5klcye2z", "content": "", "creation_timestamp": "2025-06-18T10:24:01.860735Z"}, {"uuid": "b4c4df77-9af9-430b-b7ef-0026f0d8f4e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lrusbcxod327", "content": "", "creation_timestamp": "2025-06-18T10:26:08.713180Z"}, {"uuid": "d233a3c5-85dc-4c10-b807-1f0284a7fd94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53095", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsurep553y2a", "content": "", "creation_timestamp": "2025-07-01T03:35:19.135943Z"}, {"uuid": "18be87a6-e312-4a78-bcab-18bc2b44d62f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53096", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsv34m2gdc2i", "content": "", "creation_timestamp": "2025-07-01T06:29:44.824734Z"}, {"uuid": "e070f7be-426e-497a-8dce-db2c0f7e58f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lrvthuflrqw2", "content": "", "creation_timestamp": "2025-06-18T20:20:28.823848Z"}, {"uuid": "af9f647b-bf63-4f48-8da1-c197f63d2fc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53091", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsmdoyczrt2o", "content": "", "creation_timestamp": "2025-06-27T19:09:14.091392Z"}, {"uuid": "a39f64f9-799b-476d-b808-3716a23d2f70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53093", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsmgb337a72r", "content": "", "creation_timestamp": "2025-06-27T19:55:08.256986Z"}, {"uuid": "adfb9e08-13c0-42c2-8d19-c8d3fce9cb75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53094", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3lsmhwirigj2p", "content": "", "creation_timestamp": "2025-06-27T20:25:01.148861Z"}, {"uuid": "8c5e5662-f004-4c2e-8abb-4eb3e009064b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53094", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsmiqcpzd325", "content": "", "creation_timestamp": "2025-06-27T20:39:27.343962Z"}, {"uuid": "eff38056-71e0-4472-9ffb-cdf9ad2f3cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53097", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsmwp6uffg2k", "content": "", "creation_timestamp": "2025-06-28T00:49:21.899105Z"}, {"uuid": "ba4c8f38-ba40-4d71-8814-81dd9f93efa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53098", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsmwy5bz7k2a", "content": "", "creation_timestamp": "2025-06-28T00:54:22.522377Z"}, {"uuid": "a375554b-a256-4187-8c0b-9591281f9980", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114721100568479309", "content": "", "creation_timestamp": "2025-06-21T11:24:38.567092Z"}, {"uuid": "4b99ae43-c1e5-40fc-b36b-43bc68d91f4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/114710426414523973", "content": "", "creation_timestamp": "2025-06-19T14:10:00.288400Z"}, {"uuid": "10720a65-c772-4572-96ce-e05fa5179672", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53095", "type": "seen", "source": "https://gist.github.com/EbonJaeger/c926e3af98a35b4e4b74385dfdc6e799", "content": "", "creation_timestamp": "2025-08-01T20:18:13.000000Z"}, {"uuid": "02b96e5a-cb08-41a5-8680-f37cb1bc4295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53096", "type": "seen", "source": "https://gist.github.com/EbonJaeger/c926e3af98a35b4e4b74385dfdc6e799", "content": "", "creation_timestamp": "2025-08-01T20:18:13.000000Z"}, {"uuid": "bfdfdb51-50f2-4aba-9d29-1531491e24ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53097", "type": "seen", "source": "https://gist.github.com/openjny/0f6c31694b4337dd06b63c352290b14f", "content": "", "creation_timestamp": "2026-03-03T15:01:27.000000Z"}, {"uuid": "af741e61-7d65-4045-9969-af274fa60d09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53098", "type": "seen", "source": "https://bsky.app/profile/nerq-ai.bsky.social/post/3mhcxprnsrh2r", "content": "", "creation_timestamp": "2026-03-18T07:30:02.458774Z"}, {"uuid": "a9a1f030-52db-4663-8533-124e04b74dba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/41739", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1a\ud83d\udea8 CVE-2025-5309 Multi-Method SSTI Scanner | BeyondTrust Detection Tool by Issam\nURL\uff1ahttps://github.com/issamjr/CVE-2025-5309-Scanner\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-06-24T16:41:23.000000Z"}, {"uuid": "70a71390-d9fa-4efe-a552-8cc819b03d17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53098", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19791", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-53098\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Roo Code is an AI-powered autonomous coding agent. The project-specific MCP configuration for the Roo Code agent is stored in the `.roo/mcp.json` file within the VS Code workspace. Because the MCP configuration format allows for execution of arbitrary commands, prior to version 3.20.3, it would have been possible for an attacker with access to craft a prompt to ask the agent to write a malicious command to the MCP configuration file. If the user had opted-in to auto-approving file writes within the project, this would have led to arbitrary command execution. This issue is of moderate severity, since it requires the attacker to already be able to submit prompts to the agent (for instance through a prompt injection attack), for the user to have MCP enabled (on by default), and for the user to have enabled auto-approved file writes (off by default). Version 3.20.3 fixes the issue by adding an additional layer of opt-in configuration for auto-approving writing to Roo's configuration files, including all files within the `.roo/` folder.\n\ud83d\udccf Published: 2025-06-27T21:43:35.031Z\n\ud83d\udccf Modified: 2025-06-27T21:43:35.031Z\n\ud83d\udd17 References:\n1. https://github.com/RooCodeInc/Roo-Code/security/advisories/GHSA-5x8h-m52g-5v54\n2. https://github.com/RooCodeInc/Roo-Code/commit/7d0b22f9e659dc6c26aab0bacbea27874986e772", "creation_timestamp": "2025-06-27T21:55:02.000000Z"}, {"uuid": "0b2d3044-01fb-46f0-83e9-181da1101b2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53093", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19754", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-53093\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L)\n\ud83d\udd39 Description: TabberNeue is a MediaWiki extension that allows the wiki to create tabs. Starting in version 3.0.0 and prior to version 3.1.1, any user can insert arbitrary HTMLinto the DOM by inserting a payload into any allowed attribute of the `` tag. Version 3.1.1 contains a patch for the bug.\n\ud83d\udccf Published: 2025-06-27T17:43:24.107Z\n\ud83d\udccf Modified: 2025-06-27T17:43:24.107Z\n\ud83d\udd17 References:\n1. https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/security/advisories/GHSA-jfj7-249r-7j2m\n2. https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/commit/4cdf217ef96da74a1503d1dd0bb0ed898fc2a612\n3. https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/commit/62ce0fcdf32bd3cfa77f92ff6b940459a14315fa\n4. https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/blob/3a23b703ce36cfc4128e7921841f68230be4059a/includes/Components/TabberComponentTabs.php#L15-L31\n5. https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/blob/3a23b703ce36cfc4128e7921841f68230be4059a/includes/Tabber.php#L76\n6. https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/blob/3a23b703ce36cfc4128e7921841f68230be4059a/includes/templates/Tabs.mustache#L1", "creation_timestamp": "2025-06-27T17:56:09.000000Z"}, {"uuid": "893fcdc9-936b-4cf6-9e52-1fd86a06336f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53094", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19782", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-53094\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: ESPAsyncWebServer is an asynchronous HTTP and WebSocket server library for ESP32, ESP8266, RP2040 and RP2350. In versions up to and including 3.7.8, a CRLF (Carriage Return Line Feed) injection vulnerability exists in the construction and output of HTTP headers within `AsyncWebHeader.cpp`. Unsanitized input allows attackers to inject CR (`\\r`) or LF (`\\n`) characters into header names or values, leading to arbitrary header or response manipulation. Manipulation of HTTP headers and responses can enable a wide range of attacks, making the severity of this vulnerability high. A fix is available at pull request 211 and is expected to be part of version 3.7.9.\n\ud83d\udccf Published: 2025-06-27T19:57:15.032Z\n\ud83d\udccf Modified: 2025-06-27T20:19:14.457Z\n\ud83d\udd17 References:\n1. https://github.com/ESP32Async/ESPAsyncWebServer/security/advisories/GHSA-87j8-6f7g-h8wh\n2. https://github.com/ESP32Async/ESPAsyncWebServer/pull/211\n3. https://github.com/ESP32Async/ESPAsyncWebServer/blob/1095dfd1ecf1a903aede29854232af1b24f089b1/src/AsyncWebHeader.cpp#L6-L32", "creation_timestamp": "2025-06-27T20:52:27.000000Z"}, {"uuid": "43cfb92d-a94c-4c08-920e-186103a64a34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53097", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19792", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-53097\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Roo Code is an AI-powered autonomous coding agent. Prior to version 3.20.3, there was an issue where the Roo Code agent's `search_files` tool did not respect the setting to disable reads outside of the VS Code workspace. This means that an attacker who was able to inject a prompt into the agent could potentially read a sensitive file and then write the information to a JSON schema. Users have the option to disable schema fetching in VS Code, but the feature is enabled by default. For users with this feature enabled, writing to the schema would trigger a network request without the user having a chance to deny. This issue is of moderate severity, since it requires the attacker to already be able to submit prompts to the agent. Version 3.20.3 fixed the issue where `search_files` did not respect the setting to limit it to the workspace. This reduces the scope of the damage if an attacker is able to take control of the agent through prompt injection or another vector.\n\ud83d\udccf Published: 2025-06-27T21:43:31.678Z\n\ud83d\udccf Modified: 2025-06-27T21:43:31.678Z\n\ud83d\udd17 References:\n1. https://github.com/RooCodeInc/Roo-Code/security/advisories/GHSA-wr2q-46pg-f228\n2. https://github.com/RooCodeInc/Roo-Code/commit/10b2fb32ed047bbd7b8d10ef185c1ed345efcc92\n3. https://github.com/RooCodeInc/Roo-Code/commit/7d0b22f9e659dc6c26aab0bacbea27874986e772", "creation_timestamp": "2025-06-27T21:55:03.000000Z"}, {"uuid": "8468c219-b263-4c56-934f-50149e62c79a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53096", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19997", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-53096\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.628.4510, the web UI of Sunshine lacks protection against Clickjacking attacks. This vulnerability allows an attacker to embed the Sunshine interface within a malicious website using an invisible or disguised iframe. If a user is tricked into interacting (one or multiple clicks) with the malicious page while authenticated, they may unknowingly perform actions within the Sunshine application without their consent. This issue has been patched in version 2025.628.4510.\n\ud83d\udccf Published: 2025-07-01T01:33:01.336Z\n\ud83d\udccf Modified: 2025-07-01T01:33:01.336Z\n\ud83d\udd17 References:\n1. https://github.com/LizardByte/Sunshine/security/advisories/GHSA-x97g-h2vp-g2c5\n2. https://github.com/LizardByte/Sunshine/commit/2f27a57d01911436017f87bf08b9e36dcfaa86cc", "creation_timestamp": "2025-07-01T02:07:42.000000Z"}, {"uuid": "cebd7edd-d9fb-4592-bdd4-1d98c6fb12c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18469", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-5309\n\ud83d\udd25 CVSS Score: 8.6 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: The chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to a Server-Side Template Injection vulnerability which can lead to remote code execution.\n\ud83d\udccf Published: 2025-06-16T16:06:14.413Z\n\ud83d\udccf Modified: 2025-06-16T16:06:14.413Z\n\ud83d\udd17 References:\n1. https://www.beyondtrust.com/trust-center/security-advisories/bt25-04", "creation_timestamp": "2025-06-16T16:36:02.000000Z"}, {"uuid": "e4cfc8b5-0885-43da-ba0c-70d0f9fffb14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53091", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19742", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-53091\n\ud83d\udd25 CVSS Score: 10 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H)\n\ud83d\udd39 Description: WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Time-Based Blind SQL Injection vulnerability was discovered in version 3.3.3 the almox parameter of the `/controle/getProdutosPorAlmox.php` endpoint. This issue allows any unauthenticated attacker to inject arbitrary SQL queries, potentially leading to unauthorized data access or further exploitation depending on database configuration. Version 3.4.0 fixes the issue.\n\ud83d\udccf Published: 2025-06-27T15:08:34.306Z\n\ud83d\udccf Modified: 2025-06-27T15:46:13.293Z\n\ud83d\udd17 References:\n1. https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-pmf9-2rc3-vvxx", "creation_timestamp": "2025-06-27T15:53:20.000000Z"}, {"uuid": "9e13864c-476f-4280-9ad4-c0276f8cdfc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53095", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19996", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-53095\n\ud83d\udd25 CVSS Score: 9.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.628.4510, the web UI of Sunshine lacks protection against Cross-Site Request Forgery (CSRF) attacks. This vulnerability allows an attacker to craft a malicious web page that, when visited by an authenticated user, can trigger unintended actions within the Sunshine application on behalf of that user. Specifically, since the application does OS command execution by design, this issue can be exploited to abuse the \"Command Preparations\" feature, enabling an attacker to inject arbitrary commands that will be executed with Administrator privileges when an application is launched. This issue has been patched in version 2025.628.4510.\n\ud83d\udccf Published: 2025-07-01T01:33:22.331Z\n\ud83d\udccf Modified: 2025-07-01T01:33:22.331Z\n\ud83d\udd17 References:\n1. https://github.com/LizardByte/Sunshine/security/advisories/GHSA-39hj-fxvw-758m\n2. https://github.com/LizardByte/Sunshine/commit/738ac93a0ec1cd10412d1f339968775f53bfefe0", "creation_timestamp": "2025-07-01T02:07:41.000000Z"}, {"uuid": "719f51e7-b116-4a9e-b7c3-a41b93ec0c8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-53099", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/20042", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-53099\n\ud83d\udd25 CVSS Score: 5.5 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H)\n\ud83d\udd39 Description: Sentry is a developer-first error tracking and performance monitoring tool. Prior to version 25.5.0, an attacker with a malicious OAuth application registered with Sentry can take advantage of a race condition and improper handling of authorization code within Sentry to maintain persistence to a user's account. With a specially timed requests and redirect flows, an attacker could generate multiple authorization codes that could be used to exchange for access and refresh tokens. This was possible even after de-authorizing the particular application. This issue has been patched in version 25.5.0. Self-hosted Sentry users should upgrade to version 25.5.0 or higher. Sentry SaaS users do not need to take any action.\n\ud83d\udccf Published: 2025-07-01T14:53:16.878Z\n\ud83d\udccf Modified: 2025-07-01T14:53:16.878Z\n\ud83d\udd17 References:\n1. https://github.com/getsentry/sentry/security/advisories/GHSA-mgh8-h4xc-pfmj\n2. https://github.com/getsentry/sentry/pull/85570\n3. https://github.com/getsentry/sentry/pull/85571\n4. https://github.com/getsentry/sentry/pull/86069\n5. https://github.com/getsentry/sentry/pull/86532\n6. https://github.com/getsentry/sentry/commit/57f0129e1e977b76fe8d16667a586578791a3dcd\n7. https://github.com/getsentry/sentry/commit/ab5fd932ca6bd46529ba3308b4669e3cee719b8f\n8. https://github.com/getsentry/sentry/commit/e6241254aead969e6c8490a81cde9a01335df19d", "creation_timestamp": "2025-07-01T15:07:56.000000Z"}, {"uuid": "eb7114e9-a79c-46d4-9029-61f29c7e9740", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "seen", "source": "https://t.me/itsec_news/5908", "content": "\u0413\u0440\u043e\u043c\u043a\u0438\u0435 \u0441\u043e\u0431\u044b\u0442\u0438\u044f \u0432 ITSEC: 16\u201320 \u0438\u044e\u043d\u044f 2025.\n\u041d\u0435\u0434\u0435\u043b\u044f \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0430: \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u043e \u0441\u0442\u0430\u043b\u043e \u043f\u043e\u043b\u0435\u043c \u0433\u0435\u043e\u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438, \u0430 \u0440\u0435\u0433\u0443\u043b\u044f\u0442\u043e\u0440\u044b \u2014 \u0436\u0435\u0441\u0442\u0447\u0435. \u0412\u043e\u0442 \u0433\u043b\u0430\u0432\u043d\u043e\u0435:\n\nNobitex: $90M \u0432 \u043f\u0435\u043f\u0435\u043b.\n\u0418\u0440\u0430\u043d\u0441\u043a\u0430\u044f \u043a\u0440\u0438\u043f\u0442\u043e\u0431\u0438\u0440\u0436\u0430 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u0430 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 Gonjeshke Darande. \u0427\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0433\u043e\u0440\u044f\u0447\u0438\u0445 \u043a\u043e\u0448\u0435\u043b\u044c\u043a\u0430\u0445 \u043f\u043e\u0445\u0438\u0449\u0435\u043d\u043e $90M \u0432 BTC, ETH, USDT. \u0421\u0435\u0442\u044c Tron \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0432\u044b\u0432\u043e\u0434\u0430 \u0441 \u043f\u0440\u043e\u0432\u043e\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u043c\u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u044f\u043c\u0438:\u00abFuckIRGCTerrorists\u00bb.\n\u0410\u0442\u0430\u043a\u0430 \u0441\u0438\u043d\u0445\u0440\u043e\u043d\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0441 \u0438\u0437\u0440\u0430\u0438\u043b\u044c\u0441\u043a\u0438\u043c\u0438 \u0443\u0434\u0430\u0440\u0430\u043c\u0438 \u043f\u043e \u044f\u0434\u0435\u0440\u043d\u044b\u043c \u043e\u0431\u044a\u0435\u043a\u0442\u0430\u043c \u0418\u0440\u0430\u043d\u0430. \u0425\u0430\u043a\u0435\u0440\u044b \u0441\u043e\u0436\u0433\u043b\u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u043f\u0440\u0435\u0432\u0440\u0430\u0442\u0438\u0432 \u043a\u0440\u0430\u0436\u0443 \u0432 \u043f\u043e\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043a\u0442. \u0411\u0438\u0440\u0436\u0430 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0430, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043e\u0431\u0435\u0449\u0430\u044e\u0442 \u043a\u043e\u043c\u043f\u0435\u043d\u0441\u0430\u0446\u0438\u0438.\n\n\u0414\u0432\u043e\u0439\u043d\u0430\u044f \u0443\u0442\u0435\u0447\u043a\u0430: Aflac \u0438 WaPo.\n\u25fe\ufe0fAflac: \u0421\u043e\u0446\u0438\u043d\u0436\u0435\u043d\u0435\u0440\u0438\u044f \u043f\u0440\u0438\u0432\u0435\u043b\u0430 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 SSN, \u043c\u0435\u0434\u0434\u0430\u043d\u043d\u044b\u0445 \u0438 PII \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432. \u0420\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0430\u0447\u0430\u0442\u043e 12 \u0438\u044e\u043d\u044f.\n\u25fe\ufe0fWashington Post: \u0412\u0437\u043b\u043e\u043c\u0430\u043d\u044b \u043f\u043e\u0447\u0442\u044b \u0436\u0443\u0440\u043d\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u043f\u043e \u043d\u0430\u0446\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u041a\u0438\u0442\u0430\u044e. \u041f\u043e\u0434 \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u043d\u0438\u0435\u043c \u2014 \u0433\u043e\u0441\u0448\u043f\u0438\u043e\u043d\u0430\u0436 (\u041a\u041d\u0420/\u0420\u0424).\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\nLangflow (CVE-2025-3248):\n\u25fe\ufe0fRCE \u0447\u0435\u0440\u0435\u0437 \u044d\u043d\u0434\u043f\u043e\u0438\u043d\u0442 /api/v1/validate/code. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u043c Flodrix \u0434\u043b\u044f DDoS-\u0430\u0442\u0430\u043a \u0438 \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445.\n\u25fe\ufe0f\u041f\u0430\u0442\u0447: \u0432\u0435\u0440\u0441\u0438\u044f 1.3.0+ \u0441 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439.\n\nBeyondTrust (CVE-2025-5309):\n\u25fe\ufe0fSSTI \u0432 \u0447\u0430\u0442-\u043c\u043e\u0434\u0443\u043b\u0435 \u2192 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430. \u0423\u044f\u0437\u0432\u0438\u043c\u044b Remote Support/PRA \u0432\u0435\u0440\u0441\u0438\u0439 24.2.2\u201325.1.1.\n\u25fe\ufe0f\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f: \u0421\u0440\u043e\u0447\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 + SAML-\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f.\n\n\u0416\u0451\u0441\u0442\u0447\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c.\n\u0420\u043e\u0441\u0444\u0438\u043d\u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433: \u0421 1 \u0438\u044e\u043d\u044f \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u043f\u0435\u0440\u0435\u0432\u043e\u0434\u044b \u0431\u0435\u0437 \u0441\u0443\u0434\u0430 \u043d\u0430 10 \u0434\u043d\u0435\u0439 \u043f\u0440\u0438 \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u043d\u0438\u0438 \u0432 \u043e\u0442\u043c\u044b\u0432\u0430\u043d\u0438\u0438. \u041f\u043e\u0434 \u0443\u0434\u0430\u0440\u043e\u043c: \u0447\u0430\u0441\u0442\u044b\u0435 \u043c\u0435\u043b\u043a\u0438\u0435 \u0442\u0440\u0430\u043d\u0437\u0430\u043a\u0446\u0438\u0438, \"\u0441\u0442\u0440\u0430\u043d\u043d\u044b\u0435\" \u0442\u0440\u0430\u0442\u044b.\n\n\u041c\u0435\u0441\u0441\u0435\u043d\u0434\u0436\u0435\u0440 Max: \u041e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u043f\u0440\u0435\u0434\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043d\u0430 \u0441\u043c\u0430\u0440\u0442\u0444\u043e\u043d\u044b \u0441 1 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f. \u0418\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044f \u0441 \u0413\u043e\u0441\u0443\u0441\u043b\u0443\u0433\u0430\u043c\u0438, \u042d\u0426\u041f, \u0446\u0438\u0444\u0440\u043e\u0432\u043e\u0439 ID.\n\n\u0421\u043a\u0430\u043d\u0434\u0430\u043b: 1\u0421-\u0411\u0438\u0442\u0440\u0438\u043a\u0441 \u0438 \u0418\u0440\u043b\u0430\u043d\u0434\u0438\u044f.\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 DPA Analytics: 11 \u043b\u0435\u0442 CMS \u0442\u0430\u0439\u043d\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u043b\u0430 \u0434\u0430\u043d\u043d\u044b\u0435 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 \u0432 \u0418\u0440\u043b\u0430\u043d\u0434\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0441\u043a\u0440\u0438\u043f\u0442 bitrix.info/ba.js.\n\u25fe\ufe0f\u0412\u0435\u043d\u0434\u043e\u0440: \"\u042d\u0442\u043e \u043c\u0435\u0442\u0440\u0438\u043a\u0438 \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u0438 \u0438\u0437 \u043c\u043e\u0434\u0443\u043b\u044f \u00ab\u0421\u043a\u043e\u0440\u043e\u0441\u0442\u044c \u0441\u0430\u0439\u0442\u0430\u00bb\".\n\u25fe\ufe0f\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b: \u0421\u0431\u043e\u0440 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0447\u0435\u0441\u043a\u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0431\u0435\u0437 \u0441\u043e\u0433\u043b\u0430\u0441\u0438\u044f.\n\u0424\u0443\u043d\u043a\u0446\u0438\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0441 7 \u0438\u044e\u043d\u044f, \u043d\u043e \u0432\u043e\u043f\u0440\u043e\u0441\u044b \u043a \u0424\u0417-152 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f.\n\nRansomware + \u044e\u0440\u0438\u0441\u0442\u044b = \u0430\u0434.\n\u0413\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 Qilin \u0432\u043d\u0435\u0434\u0440\u0438\u043b\u0430 \u043e\u043f\u0446\u0438\u044e \u00abCall a Lawyer\u00bb:\n\u25fe\ufe0f\"\u0410\u0434\u0432\u043e\u043a\u0430\u0442\u044b\" \u0434\u0430\u0432\u044f\u0442 \u043d\u0430 \u0436\u0435\u0440\u0442\u0432: \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442 \u0443\u0449\u0435\u0440\u0431, \u0433\u0440\u043e\u0437\u044f\u0442 \u0438\u0441\u043a\u0430\u043c\u0438.\n\u25fe\ufe0f\u0426\u0435\u043b\u044c: \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0442\u044c \u0432\u044b\u043a\u0443\u043f \u0447\u0435\u0440\u0435\u0437 \u043b\u0435\u0433\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0433\u0440\u043e\u0437\u044b.\n\n\u0418\u0418 \u2014 \u043e\u0440\u0443\u0434\u0438\u0435 \u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u043e\u0432.\n\u041e\u0442\u0447\u0451\u0442 OpenAI: \u0413\u0440\u0443\u043f\u043f\u044b \u0438\u0437 \u0420\u0424, \u041a\u041d\u0420, \u0418\u0440\u0430\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0418\u0418 \u0434\u043b\u044f:\n\u25fe\ufe0f\u0413\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043e\u0432 (\u0432\u043a\u043b\u044e\u0447\u0430\u044f Windows-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b).\n\u25fe\ufe0f\u0424\u0438\u0448\u0438\u043d\u0433\u0430 \u0438 \u0441\u043e\u0446\u0438\u043d\u0436\u0435\u043d\u0435\u0440\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 ChatGPT.\n\u25fe\ufe0f\u041f\u0440\u043e\u043f\u0430\u0433\u0430\u043d\u0434\u044b (\u0431\u043e\u0442\u0441\u0435\u0442\u0438 \u0432 TikTok/X).\n\n#\u0438\u0442\u043e\u0433\u0438\n\nITsec NEWS", "creation_timestamp": "2025-06-21T10:00:37.000000Z"}, {"uuid": "4c9fa8c0-5b2e-45ac-9288-6e4ea61271f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "published-proof-of-concept", "source": "Telegram/sIKwSeNUpe7JNZeJNh_vlAgf4HoS_EvEcDsmJEUgRhpauHM", "content": "", "creation_timestamp": "2025-06-25T07:00:06.000000Z"}, {"uuid": "de655c60-6970-45c2-b89b-773fed9255d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "published-proof-of-concept", "source": "Telegram/Od3SFIwTXU85oXzkcR6Q-PR-rjVZLt3U6sXYvEmQ4ovgOa8", "content": "", "creation_timestamp": "2025-06-24T21:00:04.000000Z"}, {"uuid": "7ddacf25-1c71-4f97-a5d1-aabc22ed651d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "published-proof-of-concept", "source": "Telegram/Xd5Dp2K-pK8eim0GR99MlfqC5INsxluEke7iGLM_07w0WZI", "content": "", "creation_timestamp": "2025-06-25T09:00:03.000000Z"}, {"uuid": "41aa5a21-94e0-4b2d-a2e1-dbe8514de17e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5309", "type": "seen", "source": "https://t.me/true_secator/7151", "content": "\u0412 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u0438 \u043d\u0435\u0434\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0442\u0438\u043c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0443\u0433\u0440\u043e\u0437\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0438\u043c\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f:\n\n1. BeyondTrust \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043a\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430.\n\nCVE-2025-5309 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Resilion\u00a0\u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b BeyondTrust Remote Support \u0438 Privileged Remote Access. \n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0448\u0430\u0431\u043b\u043e\u043d\u0438\u0437\u0430\u0442\u043e\u0440 BeyondTrust \u0438 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b.\n\n2. Citrix \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u00a0\u0434\u043b\u044f \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0442\u0440\u0435\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 (CVE-2025-5777) \u0432 NetScaler ADC \u0438 NetScaler Gateway.\n\nCitrix \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u043a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043d\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435.\u00a0\n\n3. \u0414\u0436\u043e\u043d\u0430\u0442\u0430\u043d \u041c\u044d\u043d\u043d\u0445\u0435\u043d \u043e\u0442\u044b\u0441\u043a\u0430\u043b \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 Erlang/OTP ZIP-\u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0430\u0431\u0441\u043e\u043b\u044e\u0442\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0438\u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043b\u044e\u0431\u043e\u0439 \u043f\u0443\u0442\u044c \u043f\u043e \u0441\u0432\u043e\u0435\u043c\u0443 \u0443\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u0438\u044e.\n\n4. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 CrowdStrike \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043e\u0431\u0437\u043e\u0440 \u043d\u0430\u0441\u0442\u0443\u043f\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u043a\u0438, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u043a\u0430\u043a \u043e\u0431\u0445\u043e\u0434 AMSI \u0431\u0435\u0437 \u043f\u0430\u0442\u0447\u0435\u0439, \u0435\u0435 \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0433\u043e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f.\n\n5. Cisco \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u0434\u0432\u0430 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0432\u043e\u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439.\n\n6. Atlassian \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430\u00a0\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u043f\u044f\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u044f\u0445 Bamboo, Bitbucket, Confluence, Crowd \u0438 Jira.\n\n\u041a \u043d\u0438\u043c \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f CVE-2025-22228 (\u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f \u0432 Spring), CVE-2025-24970 (DoS \u0432 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 Netty), CVE-2024-38816 (\u043e\u0431\u0445\u043e\u0434 \u043f\u0443\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0439 \u0441 \u0432\u0435\u0431-\u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430\u043c\u0438 WebMvc.fn \u0438 WebFlux.fn), CVE-2024-57699 (DoS \u0432 Netplex Json-smart) \u0438 CVE-2025-31650 (DoS \u0432 Apache Tomcat).\n\n7. Microsoft \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e \u043f\u043b\u0430\u043d\u0430\u0445 \u043f\u0435\u0440\u0438\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0438\u0437 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0426\u0435\u043d\u0442\u0440\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows \u0434\u043b\u044f \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0440\u0438\u0441\u043a\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u043e\u0441\u0442\u0438.\n\n8. GreyNoise \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u0432\u0441\u043f\u043b\u0435\u0441\u043a\u0435 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2023-28771 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9,8) \u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u0430\u0445 Zyxel, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0436\u0435 \u0434\u0432\u0430 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u0432\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u043c \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai.\n\n9. \u041d\u0435\u0434\u0430\u0432\u043d\u044f\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Langflow, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a CVE-2025-3248, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0432\u043e\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 \u0431\u043e\u0442\u043d\u0435\u0442 Flodrix, \u043e \u0447\u0435\u043c \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 Trend Micro.\n\n\u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Langflow, \u0430 \u0437\u0430\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043e\u0434\u0438\u043d \u0438\u0437 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 PoC, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0435 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u0440\u0430\u0437\u0432\u0435\u0434\u044b\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445.", "creation_timestamp": "2025-06-20T18:30:05.000000Z"}]}