{"vulnerability": "cve-2025-2335", "sightings": [{"uuid": "023d4397-ba92-48a7-83f9-ad9c67e60109", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113986946256894513", "content": "", "creation_timestamp": "2025-02-11T19:39:29.625856Z"}, {"uuid": "10a50bdf-89c5-4449-a3ab-9c04764df13c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113988200059363819", "content": "", "creation_timestamp": "2025-02-12T00:58:21.178505Z"}, {"uuid": "61f57a06-d9a8-488e-8f5e-3dfefbfd6b10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhwyrl4exz2z", "content": "", "creation_timestamp": "2025-02-12T01:15:58.918197Z"}, {"uuid": "01189268-1bec-4e65-9336-ce62abfdbad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113988633470725836", "content": "", "creation_timestamp": "2025-02-12T02:48:34.254998Z"}, {"uuid": "cee9eb79-eff4-4eb5-b464-2a9ca13b969d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhxddbnj3f2v", "content": "", "creation_timestamp": "2025-02-12T04:24:53.470026Z"}, {"uuid": "668176d7-3469-48ee-9b20-988192868686", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lhyikqy34q2g", "content": "", "creation_timestamp": "2025-02-12T15:31:09.669853Z"}, {"uuid": "2ab939d2-10ba-4961-b111-9ffb69a92e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://thehackernews.com/2025/02/researchers-find-new-exploit-bypassing.html", "content": "", "creation_timestamp": "2025-02-12T13:04:00.000000Z"}, {"uuid": "c267163f-b3cc-409a-8350-027b1b6c4edb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3li3hri72i226", "content": "", "creation_timestamp": "2025-02-13T19:55:02.204604Z"}, {"uuid": "304fa0e8-ecc2-4da8-9c54-44487fbbc415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://threatintel.cc/2025/02/13/researchers-find-new-exploit-bypassing.html", "content": "", "creation_timestamp": "2025-02-13T12:16:18.000000Z"}, {"uuid": "f93ed97e-6f1d-437f-8009-acaa11fdfdec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3li5hyh6v4323", "content": "", "creation_timestamp": "2025-02-14T15:04:14.558909Z"}, {"uuid": "4a0bfbcd-390b-4ecb-8d90-c3607078f06a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://infosec.exchange/users/andersonc0d3/statuses/114002872744958710", "content": "", "creation_timestamp": "2025-02-14T15:09:48.241251Z"}, {"uuid": "4907f3e5-c136-40f8-9f18-69e36c609b3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/andersonc0d3.bsky.social/post/3li5icrcfnc2f", "content": "", "creation_timestamp": "2025-02-14T15:10:01.593789Z"}, {"uuid": "4fa7bf4f-f064-441f-baa6-fad27f6c8439", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/arty-san.bsky.social/post/3li5vu5vh2c2a", "content": "", "creation_timestamp": "2025-02-14T19:12:24.476145Z"}, {"uuid": "7b7c25c1-90fa-4232-8dde-3c34bedf0a7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/sakaijjang.bsky.social/post/3libqqxuswk22", "content": "", "creation_timestamp": "2025-02-16T07:51:52.154431Z"}, {"uuid": "18d848db-cf87-4f46-8ea9-fb85ae8e4f03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-087/", "content": "", "creation_timestamp": "2025-02-19T05:00:00.000000Z"}, {"uuid": "6d57cf87-d051-4cb9-8a37-057abcd26a6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lnr3oinbr226", "content": "", "creation_timestamp": "2025-04-27T01:23:15.493430Z"}, {"uuid": "6de5f392-2d95-4175-a616-e290b724264a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-67efc907-5d48de1d9f6b78a7", "content": "", "creation_timestamp": "2025-07-24T20:38:54.848082Z"}, {"uuid": "82c2a4cc-daa3-44cc-8294-57f989169c4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23358", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3m5f3324yk22m", "content": "", "creation_timestamp": "2025-11-11T21:23:24.975098Z"}, {"uuid": "0ff215cc-564b-4f77-a73f-86388d2178ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-09-10T07:00:38.000000Z"}, {"uuid": "34e7375e-d8a7-424c-8d56-5b580fe946f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-08-09T17:25:37.000000Z"}, {"uuid": "1ca5be22-3218-4aad-9bfc-350f191267e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23358", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3m4woywlhli2s", "content": "", "creation_timestamp": "2025-11-06T04:10:12.807170Z"}, {"uuid": "d37d571b-427c-4929-b91f-65fce7461a2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23358", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m4th3jsuore2", "content": "", "creation_timestamp": "2025-11-04T21:10:47.758088Z"}, {"uuid": "af7d4cb5-866f-4dab-a47e-d24bfb90b3c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23358", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m4tki4h6rr2q", "content": "", "creation_timestamp": "2025-11-04T22:11:14.300209Z"}, {"uuid": "e1a0e0c5-fde8-4cbb-add3-89f735220dd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23357", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-1038/", "content": "", "creation_timestamp": "2025-12-01T05:00:00.000000Z"}, {"uuid": "c4496812-48e3-4219-946f-02f155fabe67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/cvedetector/17795", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23359 - NVIDIA Container Toolkit TOCTOU File System Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23359 \nPublished : Feb. 12, 2025, 1:15 a.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T04:19:17.000000Z"}, {"uuid": "1a2d6d8c-feb2-4ca7-a0ca-092c6df63a93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/itsec_news/5391", "content": "\u200b\u26a1\ufe0fCVE-2025-23359: \u043d\u043e\u0432\u0430\u044f \u043b\u0430\u0437\u0435\u0439\u043a\u0430 \u0432 \u0441\u043e\u0444\u0442\u0435 Nvidia \u043f\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u043f\u043e\u0434 \u0443\u0434\u0430\u0440\n\n\ud83d\udcac \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0441\u043f\u043e\u0441\u043e\u0431 \u043e\u0431\u0445\u043e\u0434\u0430 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 NVIDIA Container Toolkit, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u044e \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0445\u043e\u0441\u0442\u0443. \u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2025-23359 \u0438 \u043e\u0446\u0435\u043d\u043a\u0443 8.3 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432:\n\nNVIDIA Container Toolkit \u2014 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 1.17.3 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 1.17.4)\nNVIDIA GPU Operator \u2014 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 24.9.1 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 24.9.2)\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f NVIDIA \u0432 \u0441\u0432\u043e\u0451\u043c \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0438 \u0443\u043a\u0430\u0437\u0430\u043b\u0430, \u0447\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e TOCTOU (Time-of-Check to Time-of-Use). \u0412 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0445\u043e\u0441\u0442\u0430. \u042d\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430, \u044d\u0441\u043a\u0430\u043b\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u044f\u0446\u0438\u0439 \u0441 \u0434\u0430\u043d\u043d\u044b\u043c\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Wiz, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044e\u0449\u0430\u044f\u0441\u044f \u043d\u0430 \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 . \u041e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e CVE-2025-23359 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u043c \u043c\u0435\u0442\u043e\u0434\u043e\u043c \u0434\u043b\u044f \u0440\u0430\u043d\u0435\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-0132 (CVSS: 9.0), \u0437\u0430\u043a\u0440\u044b\u0442\u043e\u0439 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430.\n\n\u0412 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0441\u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u0440\u043d\u0435\u0432\u0443\u044e \u0444\u0430\u0439\u043b\u043e\u0432\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0445\u043e\u0441\u0442\u0430 \u0432\u043d\u0443\u0442\u0440\u044c \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430, \u043f\u043e\u043b\u0443\u0447\u0438\u0432 \u043f\u043e\u043b\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u043c. \u041f\u043e\u043c\u0438\u043c\u043e \u044d\u0442\u043e\u0433\u043e, \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u044b \u0447\u0435\u0440\u0435\u0437 Unix-\u0441\u043e\u043a\u0435\u0442\u044b, \u0447\u0442\u043e \u0432\u0435\u0434\u0451\u0442 \u043a \u043f\u043e\u043b\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0445\u043e\u0441\u0442\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Wiz \u0428\u0438\u0440 \u0422\u0430\u043c\u0430\u0440\u0438, \u0420\u043e\u043d\u0435\u043d \u0428\u0443\u0441\u0442\u0438\u043d \u0438 \u0410\u043d\u0434\u0440\u0435\u0441 \u0420\u0438\u0430\u043d\u0447\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 NVIDIA Container Toolkit \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0441\u044b\u043b\u043e\u043a. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0434\u043c\u0435\u043d\u044f\u0442\u044c \u043f\u0443\u0442\u0438 \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0438\u0437 \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 \u0445\u043e\u0441\u0442\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440, \u0430 \u0437\u0430\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Unix-\u0441\u043e\u043a\u0435\u0442\u044b \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043d\u043e\u0432\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432.\n\n\u0425\u043e\u0442\u044f \u0431\u0430\u0437\u043e\u0432\u044b\u0439 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0430\u0442\u0430\u043a\u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043b\u0438\u0448\u044c \u0447\u0442\u0435\u043d\u0438\u0435 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0445\u043e\u0441\u0442\u0430, \u044d\u0442\u043e\u0442 \u0431\u0430\u0440\u044c\u0435\u0440 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043e\u0439\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u0434\u043b\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439. \u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0442\u0440\u0430\u0444\u0438\u043a, \u043f\u0440\u043e\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043d\u0430 \u0445\u043e\u0441\u0442\u0435.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c NVIDIA Container Toolkit \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0438 \u043d\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0444\u043b\u0430\u0433 \u00ab--no-cntlibs\u00bb \u0432 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-02-13T15:45:09.000000Z"}, {"uuid": "f6082a6d-99dd-48ce-aa65-6e7fb5fb51e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4004", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23359\n\ud83d\udd25 CVSS Score: 9.2 (CVSS_V3)\n\ud83d\udd39 Description: NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.\n\ud83d\udccf Published: 2025-02-12T03:31:14Z\n\ud83d\udccf Modified: 2025-02-12T03:31:14Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2025-23359\n2. https://nvidia.custhelp.com/app/answers/detail/a_id/5616", "creation_timestamp": "2025-02-12T04:08:47.000000Z"}, {"uuid": "bfb53143-11a5-4cfd-8950-a6fd40c4dbd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2335", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7698", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2335\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as problematic was found in Drivin Solu\u00e7\u00f5es up to 20250226. This vulnerability affects unknown code of the file /api/school/registerSchool of the component API Handler. The manipulation of the argument message leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-03-16T02:31:04.489Z\n\ud83d\udccf Modified: 2025-03-16T02:31:04.489Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299800\n2. https://vuldb.com/?ctiid.299800\n3. https://vuldb.com/?submit.509834\n4. https://github.com/yago3008/cves", "creation_timestamp": "2025-03-16T03:45:45.000000Z"}, {"uuid": "822a3f4a-906b-4448-8f57-f40ae0fb4055", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11427", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23359\n\ud83d\udd25 CVSS Score: 8.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.\n\ud83d\udccf Published: 2025-02-12T00:52:43.646Z\n\ud83d\udccf Modified: 2025-04-11T13:24:14.643Z\n\ud83d\udd17 References:\n1. https://nvidia.custhelp.com/app/answers/detail/a_id/5616", "creation_timestamp": "2025-04-11T13:51:22.000000Z"}, {"uuid": "7c8204db-fe9c-4732-a43d-5ebc13cf5391", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/ics_cert/1121", "content": "\u0645\u062d\u0642\u0642\u0627\u0646 Trend Micro \u06a9\u0647 CVE-2025-23359 \u06a9\u0634\u0641 \u06a9\u0631\u062f\u0646\u062f \u0645\u0642\u0627\u0644\u0647 \u0627\u06cc \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u0646\u062f.\n\n\u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u0645\u062b\u0627\u0644\u060c \u0622\u0646\u0647\u0627 \u0647\u0646\u06af\u0627\u0645 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0686\u0646\u062f\u06cc\u0646 \u0645\u0627\u0646\u062a \u062f\u0631 \u06cc\u06a9 \u06a9\u0627\u0646\u062a\u06cc\u0646\u0631 \u0645\u062a\u0648\u062c\u0647 \u0628\u0631\u062e\u06cc \u0645\u0634\u06a9\u0644\u0627\u062a \u0639\u0645\u0644\u06a9\u0631\u062f\u06cc \u0634\u062f\u0646\u062f \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 DoS \u0634\u0648\u062f (\u0647\u0645\u0627\u0646 \u0645\u0634\u06a9\u0644 \u0639\u0645\u0644\u06a9\u0631\u062f \u0628\u0647 \u0637\u0648\u0631 \u0645\u0633\u062a\u0642\u0644 \u062a\u0648\u0633\u0637 moby \u0648 NVIDIA \u06af\u0632\u0627\u0631\u0634 \u0634\u062f\u0647 \u0627\u0633\u062a):\n\n1. \u0647\u0646\u06af\u0627\u0645\u06cc \u06a9\u0647 \u06cc\u06a9 \u06a9\u0627\u0646\u062a\u06cc\u0646\u0631 \u062c\u062f\u06cc\u062f \u0628\u0627 \u0686\u0646\u062f\u06cc\u0646 \u0645\u0627\u0646\u062a \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0634\u062f\u0647 \u0628\u0627 ( bind-propagation=shared ) \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u0634\u0648\u062f\u060c \u0686\u0646\u062f\u06cc\u0646 \u0645\u0633\u06cc\u0631 \u0648\u0627\u0644\u062f/\u0641\u0631\u0632\u0646\u062f \u062a\u0646\u0638\u06cc\u0645 \u0645\u06cc \u0634\u0648\u062f. \u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u067e\u0633 \u0627\u0632 \u062e\u0627\u062a\u0645\u0647 \u06a9\u0627\u0646\u062a\u06cc\u0646\u0631\u060c \u0648\u0631\u0648\u062f\u06cc\u200c\u0647\u0627\u06cc \u0645\u0631\u062a\u0628\u0637 \u0627\u0632 \u062c\u062f\u0648\u0644 \u0646\u0635\u0628 \u0644\u06cc\u0646\u0648\u06a9\u0633 \u062d\u0630\u0641 \u0646\u0645\u06cc\u200c\u0634\u0648\u0646\u062f.\n\n2. \u0627\u06cc\u0646 \u0628\u0627\u0639\u062b \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u062c\u062f\u0648\u0644 mount \u0628\u0647 \u0633\u0631\u0639\u062a \u0648 \u0628\u0647 \u0637\u0648\u0631 \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u06a9\u0646\u062a\u0631\u0644\u06cc \u0631\u0634\u062f \u06a9\u0646\u062f \u0648 \u062a\u0648\u0635\u06cc\u0641\u06af\u0631\u0647\u0627\u06cc \u0641\u0627\u06cc\u0644 \u0645\u0648\u062c\u0648\u062f ( fd ) \u0631\u0627 \u062e\u0633\u062a\u0647 \u06a9\u0646\u062f. \u062f\u0631 \u0646\u0647\u0627\u06cc\u062a Docker \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0641\u0631\u0633\u0648\u062f\u06af\u06cc fd \u0642\u0627\u062f\u0631 \u0628\u0647 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0627\u0646\u062a\u06cc\u0646\u0631\u0647\u0627\u06cc \u062c\u062f\u06cc\u062f \u0646\u06cc\u0633\u062a.\n\n3. \u0627\u06cc\u0646 \u062c\u062f\u0648\u0644 \u0646\u0635\u0628 \u0628\u06cc\u0634 \u0627\u0632 \u062d\u062f \u0628\u0632\u0631\u06af \u0628\u0627 \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0627\u062a\u0635\u0627\u0644 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0628\u0647 \u0647\u0627\u0633\u062a (\u0645\u062b\u0644\u0627\u064b \u0627\u0632 \u0637\u0631\u06cc\u0642 SSH ) \u0628\u0627\u0639\u062b \u0645\u0634\u06a9\u0644\u0627\u062a \u062c\u062f\u06cc \u0639\u0645\u0644\u06a9\u0631\u062f \u0645\u06cc \u0634\u0648\u062f.\n\n\u0628\u0631 \u0627\u06cc\u0646 \u0627\u0633\u0627\u0633\u060c \u0628\u0631\u062e\u06cc \u0627\u0632 \u062c\u0632\u0626\u06cc\u0627\u062a \u0628\u0631\u0627\u06cc \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc CVE-2025-23359 \u0641\u0627\u0634 \u0634\u062f (\u0627\u0645\u0627 \u0647\u06cc\u0686 PoC \u0627\u0631\u0627\u0626\u0647 \u0646\u0634\u062f):\n\n1. \u0645\u0647\u0627\u062c\u0645 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u06cc\u06a9 \u067e\u06cc\u0648\u0646\u062f \u0646\u0645\u0627\u062f\u06cc\u0646 volume \u060c \u062f\u0648 \u062a\u0635\u0648\u06cc\u0631 \u0645\u062e\u0631\u0628 \u0645\u062e\u0631\u0628 \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u062f.\n2. \u0645\u0647\u0627\u062c\u0645 \u0628\u0647 \u0637\u0648\u0631 \u0645\u0633\u062a\u0642\u06cc\u0645 \u06cc\u0627 \u063a\u06cc\u0631\u0645\u0633\u062a\u0642\u06cc\u0645 \u062a\u0635\u0648\u06cc\u0631 \u0631\u0627 \u0631\u0648\u06cc \u067e\u0644\u062a\u0641\u0631\u0645 \u0642\u0631\u0628\u0627\u0646\u06cc \u0627\u062c\u0631\u0627 \u0645\u06cc \u06a9\u0646\u062f\n3. \u0627\u06cc\u0646 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0634\u0631\u0627\u06cc\u0637 \u0645\u0633\u0627\u0628\u0642\u0647 \u0628\u0647 \u0633\u06cc\u0633\u062a\u0645 \u0641\u0627\u06cc\u0644 \u0645\u06cc\u0632\u0628\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u067e\u06cc\u062f\u0627 \u06a9\u0646\u062f.\n4. \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc\u060c \u0645\u0647\u0627\u062c\u0645 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0645\u062a\u0639\u0627\u0642\u0628\u0627\u064b \u0628\u0647 \u0633\u0648\u06a9\u062a \u0647\u0627\u06cc Container Runtime Unix \u062f\u0633\u062a\u0631\u0633\u06cc \u067e\u06cc\u062f\u0627 \u06a9\u0646\u062f \u062a\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a root \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f\u060c \u06cc\u0639\u0646\u06cc \u06a9\u0646\u062a\u0631\u0644 \u06a9\u0627\u0645\u0644 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0631 \u0631\u0648\u06cc \u0633\u06cc\u0633\u062a\u0645 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0631\u0627 \u0628\u0647 \u062f\u0633\u062a \u0622\u0648\u0631\u062f.\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR", "creation_timestamp": "2025-04-19T17:10:10.000000Z"}, {"uuid": "3e65d38b-6a2c-4ab8-a7b0-38cae475705e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/rafa_sec/125", "content": "\ud83d\udea8 NVIDIA\u2019s critical security fix failed!\n\nNVIDIA\u2019s patch for CVE-2024-0132 (CVSS 9.0) was incomplete \u2014 attackers can still escape containers and gain root access (CVE-2025-23359).\n\n\ud83d\udc40 Admins: Threat actors are watching...\n\u2705 Patch now\n\u2705 Audit your containers\n\u2705 Lock down Docker APIs\n\nFull report \u2794 https://thehackernews.com/2025/04/incomplete-patch-in-nvidia-toolkit.html", "creation_timestamp": "2025-04-15T09:16:23.000000Z"}, {"uuid": "edfa23d7-0ac9-4f17-9ccb-fa631d7ddbef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/CyberBulletin/3011", "content": "\u26a1\ufe0fNVIDIA\u2019s patch for CVE-2024-0132 (CVSS 9.0) was incomplete \u2014 attackers can still escape containers and gain root access (CVE-2025-23359).\n\n#CyberBulletin", "creation_timestamp": "2025-04-12T02:00:49.000000Z"}, {"uuid": "1b336c1f-9bb3-402c-9134-a70cc7f51c9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2335", "type": "seen", "source": "https://t.me/cvedetector/20399", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2335 - Drivin Solu\u00e7\u00f5es API Handler Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2335 \nPublished : March 16, 2025, 3:15 a.m. | 1\u00a0hour, 21\u00a0minutes ago \nDescription : A vulnerability classified as problematic was found in Drivin Solu\u00e7\u00f5es up to 20250226. This vulnerability affects unknown code of the file /api/school/registerSchool of the component API Handler. The manipulation of the argument message leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-16T06:20:33.000000Z"}, {"uuid": "b20d2cb1-60e3-4f59-84ce-1f23a0e696fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "Telegram/Aa-mJwZiwTCfoBEQv0lRdJpPDlbI1xOoLBXO2yYDbMtOaA", "content": "", "creation_timestamp": "2025-02-12T16:32:28.000000Z"}, {"uuid": "22b0c87f-8048-4c24-b66f-52a07bf16e58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "Telegram/1CU4p-35uR_OEd5tkAHkEjg_BY2nsASvWGQ5wETIDJqGUhs", "content": "", "creation_timestamp": "2025-02-12T03:00:28.000000Z"}, {"uuid": "4ab3b8ad-9c6b-416e-8631-1851180380cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6729", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Wiz \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u043e\u0431\u0445\u043e\u0434\u0430 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 NVIDIA Container Toolkit, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u0445\u043e\u0434\u0430 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0431\u0430\u0437\u043e\u0432\u043e\u043c\u0443 \u0445\u043e\u0441\u0442\u0443.\n\n\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-23359 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS: 8.3.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 NVIDIA Container Toolkit (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 1.17.3 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 1.17.4) \u0438 NVIDIA GPU Operator (\u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 24.9.1 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 24.9.2).\n\n\u0412 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e\u044f\u0441\u043d\u044f\u044e\u0442, \u0447\u0442\u043e NVIDIA Container Toolkit \u0434\u043b\u044f Linux \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c TOCTOU\u00a0(Time-of-Check Time-of-Use) \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0441 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0435\u0439 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u043a\u043e\u0433\u0434\u0430 \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u043e\u0431\u0440\u0430\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0445\u043e\u0441\u0442\u0430.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE, DoS, EoP, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0435 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Wiz \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0432 \u0435\u0435 \u043a\u0430\u043a \u043e\u0431\u0445\u043e\u0434 \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2024-0132 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 9,0, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 NVIDIA \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430.\n\n\u0412\u043a\u0440\u0430\u0442\u0446\u0435, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u0440\u043d\u0435\u0432\u0443\u044e \u0444\u0430\u0439\u043b\u043e\u0432\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0445\u043e\u0441\u0442\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0438\u043c \u043d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0444\u0430\u0439\u043b\u0430\u043c.\n\n\u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, \u044d\u0442\u043e\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u0438 \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0432\u0437\u043b\u043e\u043c\u0430 \u0445\u043e\u0441\u0442\u0430 \u0447\u0435\u0440\u0435\u0437 \u0441\u043e\u043a\u0435\u0442 Unix \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u044f \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u043f\u0443\u0442\u0438 \u043a \u0444\u0430\u0439\u043b\u0430\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043c\u043e\u0436\u043d\u043e \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0441\u044b\u043b\u043a\u0438 \u0434\u043e\u0431\u0438\u0432\u0430\u044f\u0441\u044c \u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u0437\u0432\u043d\u0435 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 (\u0442.\u0435. \u0438\u0437 \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430) \u0432 \u043f\u0443\u0442\u044c \u0432\u043d\u0443\u0442\u0440\u0438 \u00ab/usr/lib64\u00bb.\n\n\u0425\u043e\u0442\u044f \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0445\u043e\u0441\u0442\u0430, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0439 \u043f\u0440\u0438 \u0432\u044b\u0445\u043e\u0434\u0435 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f, \u044d\u0442\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043e\u0439\u0442\u0438, \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044f \u0441 \u0441\u043e\u043a\u0435\u0442\u0430\u043c\u0438 Unix \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u044d\u0442\u043e\u0442 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0442\u0440\u0430\u0444\u0438\u043a, \u043e\u0442\u043b\u0430\u0436\u0438\u0432\u0430\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0440\u044f\u0434 \u0434\u0440\u0443\u0433\u0438\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u0445\u043e\u0441\u0442\u0430.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c NVIDIA Container Toolkit \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0442\u044c\u00a0\u0444\u043b\u0430\u0433 \u00ab--no-cntlibs\u00bb\u00a0\u0432 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445.", "creation_timestamp": "2025-02-13T13:35:57.000000Z"}, {"uuid": "bf4b3b4d-e10c-4faa-a142-eb9e3103c899", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "exploited", "source": "https://t.me/thehackernews/6648", "content": "\ud83d\udea8 NVIDIA\u2019s critical security fix failed!\n\nNVIDIA\u2019s patch for CVE-2024-0132 (CVSS 9.0) was incomplete \u2014 attackers can still escape containers and gain root access (CVE-2025-23359).\n\n\ud83d\udc40 Admins: Threat actors are watching...\n\u2705 Patch now\n\u2705 Audit your containers\n\u2705 Lock down Docker APIs\n\nFull report \u2794 https://thehackernews.com/2025/04/incomplete-patch-in-nvidia-toolkit.html", "creation_timestamp": "2025-04-10T16:19:38.000000Z"}, {"uuid": "2a5d7721-3c13-463e-90fd-6382ba2e56ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23359", "type": "seen", "source": "https://t.me/thehackernews/6330", "content": "\ud83d\udea8 Alert - A new vulnerability (CVE-2025-23359) in NVIDIA's Container Toolkit could break container isolation and give attackers full access to your system.\n\nIf exploited, attackers could bypass isolation protections, accessing your files and even running malicious code.\n\n\ud83d\udd17 Get all the details: https://thehackernews.com/2025/02/researchers-find-new-exploit-bypassing.html", "creation_timestamp": "2025-02-12T15:23:47.000000Z"}, {"uuid": "cc1c0529-cf6a-45a9-b098-5208435f5c75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23351", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116840007230776932", "content": "Broadcom has a long list of advisories for a bunch of vulnerabilities, included critical and high-severity holes https://support.broadcom.com/web/ecx/security-advisory\nCISA:\nSeveral industrial vulnerabilities have been added https://www.cisa.gov/\nCisco:\nEconolite has been tagged for zero-day reports https://talosintelligence.com/vulnerability_info\nDell:\n- CRITICAL: Security Update for Dell Encryption for Multiple libexpat Vulnerabilities https://www.dell.com/support/kbdoc/en-us/000475690/dsa-2026-268\nTwo others:\n- https://www.dell.com/support/kbdoc/en-us/000483600/dsa-2026-261-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities\n- https://www.dell.com/support/kbdoc/en-us/000483600/dsa-2026-261-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities\nNvidia:\nThere are several advisories today, three of them critical:\nCRITICAL:\n- CVE-2026-24270: NVIDIA AIStore Framework - June 2026 https://nvidia.custhelp.com/app/answers/detail/a_id/5849\n- CVE-2025-23351, CVE-2025-23350: NVIDIA Networking BlueField and ConnectX - June 2026 https://nvidia.custhelp.com/app/answers/detail/a_id/5699\n- NVIDIA Megatron Bridge - June 2026, affecting multiple CVEs https://nvidia.custhelp.com/app/answers/detail/a_id/5841\nMore: https://www.nvidia.com/en-us/product-security/\nYesterday:\nApple:\nSeveral security updates: https://support.apple.com/en-us/100100 #infosec #vulnerability #Apple #Nvidia #Dell #Cisco #CISA #Broadcom", "creation_timestamp": "2026-06-30T16:30:28.701539Z"}, {"uuid": "6dcd742d-c9eb-4f3e-94c6-d7f0bf18ae30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23350", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116840007230776932", "content": "Broadcom has a long list of advisories for a bunch of vulnerabilities, included critical and high-severity holes https://support.broadcom.com/web/ecx/security-advisory\nCISA:\nSeveral industrial vulnerabilities have been added https://www.cisa.gov/\nCisco:\nEconolite has been tagged for zero-day reports https://talosintelligence.com/vulnerability_info\nDell:\n- CRITICAL: Security Update for Dell Encryption for Multiple libexpat Vulnerabilities https://www.dell.com/support/kbdoc/en-us/000475690/dsa-2026-268\nTwo others:\n- https://www.dell.com/support/kbdoc/en-us/000483600/dsa-2026-261-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities\n- https://www.dell.com/support/kbdoc/en-us/000483600/dsa-2026-261-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities\nNvidia:\nThere are several advisories today, three of them critical:\nCRITICAL:\n- CVE-2026-24270: NVIDIA AIStore Framework - June 2026 https://nvidia.custhelp.com/app/answers/detail/a_id/5849\n- CVE-2025-23351, CVE-2025-23350: NVIDIA Networking BlueField and ConnectX - June 2026 https://nvidia.custhelp.com/app/answers/detail/a_id/5699\n- NVIDIA Megatron Bridge - June 2026, affecting multiple CVEs https://nvidia.custhelp.com/app/answers/detail/a_id/5841\nMore: https://www.nvidia.com/en-us/product-security/\nYesterday:\nApple:\nSeveral security updates: https://support.apple.com/en-us/100100 #infosec #vulnerability #Apple #Nvidia #Dell #Cisco #CISA #Broadcom", "creation_timestamp": "2026-06-30T16:30:28.740278Z"}]}