{"vulnerability": "cve-2025-2289", "sightings": [{"uuid": "bb7178f8-2d2d-420c-b71d-2e385147c8d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22894", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhinm5so5j2p", "content": "", "creation_timestamp": "2025-02-06T08:18:49.572521Z"}, {"uuid": "a27d31f7-14b4-49d9-98ed-f9f00f998a65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22890", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhiop62fkv2u", "content": "", "creation_timestamp": "2025-02-06T08:38:25.272745Z"}, {"uuid": "7a9e728d-bd98-4800-bc80-69b200038955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22891", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113952551540292342", "content": "", "creation_timestamp": "2025-02-05T17:52:27.631083Z"}, {"uuid": "2be8f626-cbbb-47ca-bb05-4f402df67722", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22890", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113955673358198989", "content": "", "creation_timestamp": "2025-02-06T07:06:22.870205Z"}, {"uuid": "59fa4132-e7d6-4b32-8db7-c41e10513078", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22891", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhh6kh7tzg2t", "content": "", "creation_timestamp": "2025-02-05T18:16:46.428696Z"}, {"uuid": "93faa7e5-9203-476f-9f2a-80b6f8209233", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22894", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113955709150996269", "content": "", "creation_timestamp": "2025-02-06T07:15:29.101476Z"}, {"uuid": "2d2aee77-6027-4e97-bb01-a4d5e0bc1fae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22890", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhik3e6emg2f", "content": "", "creation_timestamp": "2025-02-06T07:15:44.665219Z"}, {"uuid": "7e7e7971-3c98-4ed2-a71e-3122618d34ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22896", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lj4blb2qxv2k", "content": "", "creation_timestamp": "2025-02-26T21:02:05.080634Z"}, {"uuid": "1468eff0-880e-46b0-b1b5-d732cf0027d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22896", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-16", "content": "", "creation_timestamp": "2025-02-13T11:00:00.000000Z"}, {"uuid": "6e9e00ef-d204-4a9b-872a-18055917d03d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22896", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li3pnfazdj2z", "content": "", "creation_timestamp": "2025-02-13T22:15:53.580817Z"}, {"uuid": "4d81bbe8-7397-477d-a0d2-27629afc9b57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22896", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113999014824595692", "content": "", "creation_timestamp": "2025-02-13T22:48:41.467301Z"}, {"uuid": "af90accc-a5b2-4e18-b870-ae216178875d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22896", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3li427rzfxs2v", "content": "", "creation_timestamp": "2025-02-14T01:25:09.069450Z"}, {"uuid": "551dd440-0cbc-45f9-9946-46924aacedfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22896", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-26T02:35:25.000000Z"}, {"uuid": "1205460e-496f-4f3e-9d94-15bdf95df4d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22896", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "cad226d8-dbe4-4006-9ce6-759826973543", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22896", "type": "seen", "source": "https://bsky.app/profile/rajsamani.bsky.social/post/3ljhibmmnms2v", "content": "", "creation_timestamp": "2025-03-03T08:01:12.115093Z"}, {"uuid": "887688ea-7976-4663-aabe-35327590b956", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22897", "type": "seen", "source": "MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72", "content": "", "creation_timestamp": "2025-08-19T13:26:46.000000Z"}, {"uuid": "3a26fff6-ea35-4bd1-b82a-50bce7b5e32d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22890", "type": "seen", "source": "https://t.me/cvedetector/17369", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22890 - Defense Platform Home Edition Elevation of Privilege Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22890 \nPublished : Feb. 6, 2025, 7:15 a.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : Execution with unnecessary privileges issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker performs a specific operation, SYSTEM privilege of the Windows system where the product is running may be obtained. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-06T10:12:37.000000Z"}, {"uuid": "cbb77333-7401-42c9-bcb3-7ec675dd8be5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22896", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/scada/mypro_mgr_creds.rb", "content": "", "creation_timestamp": "2025-02-25T10:42:49.000000Z"}, {"uuid": "3092c5f1-e824-4cb4-aa82-d9ea138d823b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22891", "type": "seen", "source": "https://t.me/cvedetector/17327", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22891 - F5 BIG-IP Diameter Endpoint Profile Denial of Service (DoS) and Memory Consumption Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22891 \nPublished : Feb. 5, 2025, 6:15 p.m. | 1\u00a0hour, 56\u00a0minutes ago \nDescription : When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T21:40:00.000000Z"}, {"uuid": "a40e5236-5d8b-479d-8e03-0992fb4675f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22897", "type": "seen", "source": "https://t.me/cvedetector/19454", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22897 - OpenHarmony Buffer Overflow DOS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22897 \nPublished : March 4, 2025, 4:15 a.m. | 22\u00a0minutes ago \nDescription : in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-04T05:48:04.000000Z"}, {"uuid": "9d4d352a-22c1-4ee6-8188-4de664577aab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22894", "type": "seen", "source": "https://t.me/cvedetector/17373", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22894 - Microsoft Defense Platform Shatter Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22894 \nPublished : Feb. 6, 2025, 8:15 a.m. | 2\u00a0hours, 15\u00a0minutes ago \nDescription : Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary files in the system may be altered. As a result, an arbitrary DLL may be executed with SYSTEM privilege. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-06T11:52:59.000000Z"}, {"uuid": "061fcafe-c3ac-4cc4-8da8-6ed138527492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22896", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4364", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22896\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-13T22:15:11.737\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-16\n2. https://www.myscada.org/contacts/\n3. https://www.myscada.org/downloads/mySCADAPROManager/", "creation_timestamp": "2025-02-13T23:11:45.000000Z"}, {"uuid": "34083f6b-f550-46d5-b188-2534c68ef97f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22897", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6325", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22897\n\ud83d\udd25 CVSS Score: 3.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow.\n\ud83d\udccf Published: 2025-03-04T03:44:44.313Z\n\ud83d\udccf Modified: 2025-03-04T03:44:44.313Z\n\ud83d\udd17 References:\n1. https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-03.md", "creation_timestamp": "2025-03-04T04:34:31.000000Z"}, {"uuid": "37715659-b006-4f59-a25e-30bcbd2b2339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2289", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7534", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2289\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: The Zegen - Church WordPress Theme theme for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX endpoints in all versions up to, and including, 1.1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to import, export, and update theme options.\n\ud83d\udccf Published: 2025-03-14T05:24:02.910Z\n\ud83d\udccf Modified: 2025-03-14T05:24:02.910Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/a04db024-5198-490f-bf5f-d5bad1b21ce4?source=cve\n2. https://themeforest.net/item/zegen-church-wordpress-theme/25116823", "creation_timestamp": "2025-03-14T05:46:53.000000Z"}, {"uuid": "f5932984-5844-4b71-975c-1962be6de670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2289", "type": "seen", "source": "https://t.me/cvedetector/20263", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2289 - Zegen - Church WordPress Theme Unauthenticated AJAX Endpoint Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2289 \nPublished : March 14, 2025, 6:15 a.m. | 27\u00a0minutes ago \nDescription : The Zegen - Church WordPress Theme theme for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX endpoints in all versions up to, and including, 1.1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to import, export, and update theme options. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T08:20:42.000000Z"}]}