{"vulnerability": "cve-2025-2505", "sightings": [{"uuid": "a8ed1c85-50ab-450f-874b-08923c4ced02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2505", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llf742chkm2z", "content": "", "creation_timestamp": "2025-03-27T21:02:09.999223Z"}, {"uuid": "f8209d30-3059-47ba-abf5-58e848eab0ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2505", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lktsgnupps2q", "content": "", "creation_timestamp": "2025-03-20T23:00:06.407159Z"}, {"uuid": "a08e7397-0645-47b0-9fde-58233a2c1eec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25054", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lij4sx76q42o", "content": "", "creation_timestamp": "2025-02-19T06:16:15.416365Z"}, {"uuid": "e24e344f-ce10-4f29-adb6-02562dab7751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2505", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lkscf7ljn32v", "content": "", "creation_timestamp": "2025-03-20T08:40:17.861827Z"}, {"uuid": "75d03000-7fd3-4787-88b5-e9d7045c3af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2505", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lksdomzswc26", "content": "", "creation_timestamp": "2025-03-20T09:03:33.384249Z"}, {"uuid": "c80451f8-7080-41f6-b483-cdc43d05ae1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25055", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lifybytrn423", "content": "", "creation_timestamp": "2025-02-18T00:17:12.517933Z"}, {"uuid": "631589c9-2f3c-43c4-908a-9906f73274cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25055", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ligd4lepzn23", "content": "", "creation_timestamp": "2025-02-18T03:31:01.951512Z"}, {"uuid": "68ad8edf-f191-49f4-8845-a53d94d72521", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25050", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrjjzizmg62r", "content": "", "creation_timestamp": "2025-06-13T22:59:18.566498Z"}, {"uuid": "336f9ab3-c92a-4959-89e6-f33048e9c3af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2505", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lkv2o57b6s2q", "content": "", "creation_timestamp": "2025-03-21T11:00:07.294028Z"}, {"uuid": "ba6b1c4b-c097-4232-9ee8-7a7a52216053", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2505", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lksiytoyco2v", "content": "", "creation_timestamp": "2025-03-20T10:38:38.708212Z"}, {"uuid": "eb5943c1-9a1b-431e-9d01-2cce5343c022", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2505", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114194363644596222", "content": "", "creation_timestamp": "2025-03-20T10:48:27.868048Z"}, {"uuid": "6a3a4cb4-a8f8-4b47-a84b-28ef31e61203", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25052", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3loinx6en6l24", "content": "", "creation_timestamp": "2025-05-06T10:21:26.058635Z"}, {"uuid": "34f66395-0ec9-4ba4-b1f3-cc522b4b069d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25053", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114307846619733355", "content": "", "creation_timestamp": "2025-04-09T11:48:40.410987Z"}, {"uuid": "9a02a062-0ae9-4d3c-b563-93db474dcd55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25050", "type": "seen", "source": "https://infosec.place/objects/99935ba6-150e-4233-83bb-a2b05db4d2a5", "content": "", "creation_timestamp": "2025-08-09T13:00:25.294420Z"}, {"uuid": "bacf5310-c95b-48bd-8807-be9fce997fdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25050", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/114981965253717952", "content": "", "creation_timestamp": "2025-08-06T13:05:54.551794Z"}, {"uuid": "2d6ee341-cc84-4963-b3b4-dcb719c967e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25050", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3lvqc2cznqk2q", "content": "", "creation_timestamp": "2025-08-06T13:06:02.567292Z"}, {"uuid": "78b65beb-6af3-43db-a45c-e5e7826b7ad0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2505", "type": "seen", "source": "MISP/3e4b778d-5810-4171-a915-f1d106684af4", "content": "", "creation_timestamp": "2025-08-11T18:27:49.000000Z"}, {"uuid": "2e4609e1-f952-4080-b481-406311e9bc21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25051", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-022-02", "content": "", "creation_timestamp": "2026-01-22T11:00:00.000000Z"}, {"uuid": "c563f816-bc8e-4541-b39e-a7bc0eff5174", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25055", "type": "seen", "source": "MISP/71f05cce-2beb-4b80-8496-bbbabc032544", "content": "", "creation_timestamp": "2025-08-25T18:31:43.000000Z"}, {"uuid": "98a2b9ff-b694-49a3-b0e1-23f8ac2ce601", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25051", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3md2dzwhhqv2t", "content": "", "creation_timestamp": "2026-01-22T23:35:43.634938Z"}, {"uuid": "1dca62f5-a8db-4015-b8af-6d2b679f1909", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25055", "type": "seen", "source": "https://t.me/cvedetector/18266", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25055 - FileMegane Authentication Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25055 \nPublished : Feb. 18, 2025, 12:15 a.m. | 1\u00a0hour, 5\u00a0minutes ago \nDescription : Authentication bypass by spoofing issue exists in FileMegane versions above 1.0.0.0 prior to 3.4.0.0, which may lead to user impersonation. If exploited, restricted file contents may be accessed. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-18T02:35:20.000000Z"}, {"uuid": "010dcc4a-b2de-4d02-9a5d-56977fb2a978", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25054", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4772", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25054\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: Movable Type contains a reflected cross-site scripting vulnerability in the user information edit page. When Multi-Factor authentication plugin is enabled and a user accesses a crafted page while logged in to the affected product, an arbitrary script may be executed on the web browser of the user.\n\ud83d\udccf Published: 2025-02-19T05:52:09.401Z\n\ud83d\udccf Modified: 2025-02-19T05:52:09.401Z\n\ud83d\udd17 References:\n1. https://www.movabletype.org/news/2025/02/mt-842-released.html\n2. https://jvn.jp/en/jp/JVN48742353/", "creation_timestamp": "2025-02-19T08:38:49.000000Z"}, {"uuid": "f740f14c-3ecd-4585-8de9-b2c06e1e5c85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25052", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15073", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25052\n\ud83d\udd25 CVSS Score: 3.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through buffer overflow.\n\ud83d\udccf Published: 2025-05-06T09:03:38.566Z\n\ud83d\udccf Modified: 2025-05-06T09:03:38.566Z\n\ud83d\udd17 References:\n1. https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-05.md", "creation_timestamp": "2025-05-06T09:21:15.000000Z"}, {"uuid": "2b52ca83-ee3a-4622-9549-3bbbb0adba33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25054", "type": "seen", "source": "https://t.me/cvedetector/18407", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25054 - Movable Type Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-25054 \nPublished : Feb. 19, 2025, 6:15 a.m. | 2\u00a0hours ago \nDescription : Movable Type contains a reflected cross-site scripting vulnerability in the user information edit page. When Multi-Factor authentication plugin is enabled and a user accesses a crafted page while logged in to the affected product, an arbitrary script may be executed on the web browser of the user. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T09:32:36.000000Z"}, {"uuid": "70a59ab1-f8b0-4559-a5b1-c0d6a7a18f95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25055", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4726", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25055\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Authentication bypass by spoofing issue exists in FileMegane versions above 1.0.0.0 prior to 3.4.0.0, which may lead to user impersonation. If exploited, restricted file contents may be accessed.\n\ud83d\udccf Published: 2025-02-17T23:56:51.567Z\n\ud83d\udccf Modified: 2025-02-17T23:56:51.567Z\n\ud83d\udd17 References:\n1. https://www.info-brdg.co.jp/support/report/megane/sec20250201.html\n2. https://jvn.jp/en/jp/JVN80527854/", "creation_timestamp": "2025-02-18T03:16:09.000000Z"}, {"uuid": "fb1dbad0-93d8-4ca0-a1e1-3149c4a678e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2505", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8203", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2505\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution of code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included.\n\ud83d\udccf Published: 2025-03-20T07:29:57.851Z\n\ud83d\udccf Modified: 2025-03-20T14:51:26.885Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/d6ac2996-098f-474c-b44e-78d5af7b503a?source=cve\n2. https://plugins.trac.wordpress.org/browser/age-gate/trunk/vendor/agegate/common/src/Settings.php#L27\n3. https://plugins.trac.wordpress.org/changeset/3258075/", "creation_timestamp": "2025-03-20T15:18:13.000000Z"}, {"uuid": "17cbfd09-0ac3-407a-9df6-8f9c26add7d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25050", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18344", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25050\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: An out-of-bounds write vulnerability exists in the \ncv_upgrade_sensor_firmware functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault 3 Plus prior to 6.2.26.36.\n A specially crafted ControlVault API call can lead to an out-of-bounds \nwrite. An attacker can issue an API call to trigger this vulnerability.\n\ud83d\udccf Published: 2025-06-13T21:03:18.087Z\n\ud83d\udccf Modified: 2025-06-13T21:03:18.087Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000276106/dsa-2025-053", "creation_timestamp": "2025-06-13T21:36:56.000000Z"}, {"uuid": "0c70d261-99f0-44f7-ae03-610a8bcd7cca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25053", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11034", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25053\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: OS command injection vulnerability in the WEB UI (the setting page) exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, an arbitrary OS command may be executed by a remote attacker who can log in to the product.\n\ud83d\udccf Published: 2025-04-09T09:03:09.322Z\n\ud83d\udccf Modified: 2025-04-09T09:03:09.322Z\n\ud83d\udd17 References:\n1. https://www.inaba.co.jp/abaniact/news/security_20250404.pdf\n2. https://jvn.jp/en/vu/JVNVU93925742/", "creation_timestamp": "2025-04-09T09:47:38.000000Z"}, {"uuid": "b8394db4-1403-4ae2-aa85-664240c9c197", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25056", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11033", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25056\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Cross-site request forgery vulnerability exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If a user views a malicious page while logged in, unintended operations may be performed.\n\ud83d\udccf Published: 2025-04-09T09:03:14.758Z\n\ud83d\udccf Modified: 2025-04-09T09:03:14.758Z\n\ud83d\udd17 References:\n1. https://www.inaba.co.jp/abaniact/news/security_20250404.pdf\n2. https://jvn.jp/en/vu/JVNVU93925742/", "creation_timestamp": "2025-04-09T09:47:37.000000Z"}, {"uuid": "048b7318-bcb9-4aa9-8b8d-74d2a6ec880e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25050", "type": "seen", "source": "https://t.me/true_secator/7303", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438 ControlVault3 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0431\u043e\u043b\u0435\u0435 100 \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u043d\u043e\u0443\u0442\u0431\u0443\u043a\u043e\u0432 Dell \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0432\u0445\u043e\u0434 \u0432 Windows \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0435\u0442\u0441\u044f \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u043f\u0435\u0440\u0435\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\nDell ControlVault - \u044d\u0442\u043e \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0445\u0440\u0430\u043d\u0438\u0442 \u043f\u0430\u0440\u043e\u043b\u0438, \u0431\u0438\u043e\u043c\u0435\u0442\u0440\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u043a\u043e\u0434\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 \u043d\u0430 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0434\u043e\u0447\u0435\u0440\u043d\u0435\u0439 \u043f\u043b\u0430\u0442\u0435, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u043a\u0430\u043a Unified Security Hub (USH).\n\n\u041f\u044f\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Cisco Talos \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0443\u0441\u043b\u043e\u0432\u043d\u044b\u0435 \u043d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 ReVault \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u043a\u0430\u043a \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0443 ControlVault3, \u0442\u0430\u043a \u0438 \u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u044b \u043f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Windows (API) \u0434\u043b\u044f \u043d\u043e\u0443\u0442\u0431\u0443\u043a\u043e\u0432 \u0441\u0435\u0440\u0438\u0439 Latitude \u0438 Precision \u043e\u0442 Dell.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u043f\u0440\u043e\u0431\u043b\u0435\u043c ReVault \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0445\u043e\u0434\u0430 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u043e\u0433\u043e \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430 (CVE-2025-24311, CVE-2025-25050), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f (CVE-2025-25215), \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0441\u0442\u0435\u043a\u0430 (CVE-2025-24922 \u0438 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 (CVE-2025-24919), \u0432\u043b\u0438\u044f\u044e\u0449\u0443\u044e \u043d\u0430 API-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u044b Windows ControlVault.\n\n\u041e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435 \u0438\u0445 \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u044b\u0435 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u0441\u044f \u043f\u043e\u0441\u043b\u0435 \u043f\u0435\u0440\u0435\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Windows.\n\n\u041b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0438\u043c\u0435\u044e\u0449\u0438\u0439 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043d\u043e\u0443\u0442\u0431\u0443\u043a\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043c\u043e\u0436\u0435\u0442 \u0432\u0441\u043a\u0440\u044b\u0442\u044c \u0435\u0433\u043e \u0438 \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u043b\u0430\u0442\u0435 USH \u0447\u0435\u0440\u0435\u0437 USB \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0440\u0430\u0437\u044a\u0435\u043c\u0430, \u043e\u0431\u043e\u0439\u0442\u0438 \u0432\u0445\u043e\u0434 \u0432 Windows \u0438\u043b\u0438 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439 \u043f\u043e \u043e\u0442\u043f\u0435\u0447\u0430\u0442\u043a\u0430\u043c \u043f\u0430\u043b\u044c\u0446\u0435\u0432, \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0446\u0435\u043b\u0435\u0432\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u00a0\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c \u043b\u044e\u0431\u044b\u0435 \u043e\u0442\u043f\u0435\u0447\u0430\u0442\u043a\u0438 \u043f\u0430\u043b\u044c\u0446\u0435\u0432.\n\nTalos \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0447\u0435\u0440\u0435\u0437 \u0426\u0435\u043d\u0442\u0440 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows \u0438\u043b\u0438 \u0441\u0430\u0439\u0442 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430, \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u043d\u0435\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u043f\u0435\u0440\u0438\u0444\u0435\u0440\u0438\u0439\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043f\u0435\u0447\u0430\u0442\u043a\u043e\u0432 \u043f\u0430\u043b\u044c\u0446\u0435\u0432, \u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043c\u0430\u0440\u0442-\u043a\u0430\u0440\u0442 \u0438 \u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u0435\u043b\u0438 NFC), \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0432\u0445\u043e\u0434 \u043f\u043e \u043e\u0442\u043f\u0435\u0447\u0430\u0442\u043a\u0443 \u043f\u0430\u043b\u044c\u0446\u0430 \u0432 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f\u0445 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0438\u0441\u043a\u0430.\n\n\u0414\u043b\u044f \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0440\u0438\u0441\u043a\u0430 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0430\u0442\u0430\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0438\u043b\u0438 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u0440\u043f\u0443\u0441 \u0432 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430\u0445 BIOS \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430 \u0438 Enhanced Sign-in Security (ESS) \u0432 Windows \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043d\u0435\u043f\u043e\u0434\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u043f\u0440\u043e\u0448\u0438\u0432\u043e\u043a CV.\n\nDell\u00a0\u0432\u044b\u043f\u0443\u0441\u043a\u0430\u043b\u0430 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\u00a0\u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 ReVault \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 \u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0435 ControlVault3 \u0441 \u043c\u0430\u0440\u0442\u0430 \u043f\u043e \u043c\u0430\u0439.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0432\u00a0\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445 Dell \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.", "creation_timestamp": "2025-08-06T13:43:48.000000Z"}, {"uuid": "78de3917-b323-47ae-8bd9-1eb670055652", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2505", "type": "seen", "source": "https://t.me/NinjaSec/298", "content": "Certainly! Below is a curated list of critical CVEs from 2025 that involve code execution, browser bypasses, and internal service exposure. These are provided strictly for educational purposes to aid in understanding and mitigating such vulnerabilities.\n\n\n\ud83d\udd10 Critical CVEs from 2025 (Educational Use Only)\n\n1. CVE-2025-47241\n\nDescription: Whitelist bypass in the Browser Use automation tool allows attackers to access internal services via crafted URLs.\n\nCVSS Score: 9.3\n\nReference: \n\n\n\n2. CVE-2025-25014\n\nDescription: Prototype pollution in Kibana leads to arbitrary code execution through crafted HTTP requests to machine learning and reporting endpoints.\n\nCVSS Score: 9.1\n\nReference: \n\n\n\n3. CVE-2025-29927\n\nDescription: Authorization bypass in Next.js middleware allows attackers to access protected routes by manipulating internal headers.\n\nCVSS Score: 9.1\n\nReference: \n\n\n\n4. CVE-2025-24813\n\nDescription: \n\nCVSS Score: \n\nReference: \n\n\n\n5. CVE-2025-2783\n\nDescription: \n\nCVSS Score: High\n\nReference: \n\n\n\n6. CVE-2025-2636\n\nDescription: \n\nCVSS Score: High\n\nReference: \n\n\n\n7. CVE-2025-2505\n\nDescription: \n\nCVSS Score: High\n\nReference: \n\n\n\n8. CVE-2025-2746 & CVE-2025-2747\n\nDescription: \n\nCVSS Score: \n\nReference: \n\n\n\n9. CVE-2025-3066\n\nDescription: \n\nCVSS Score: High\n\nReference: \n\n\n\n10. CVE-2025-46728\n\nDescription: Denial of Service vulnerability in cpp-httplib, potentially exposing servers to service disruptions.\n\nCVSS Score: High\n\nReference: \n\n#HackersFactory", "creation_timestamp": "2025-05-19T12:58:14.000000Z"}, {"uuid": "7c0fae98-3bfe-4261-95b2-bac452f46abc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2505", "type": "seen", "source": "https://t.me/NinjaSec/299", "content": "Code execution, and bypass vulnerabilities \u2014 for educational purposes only:\n\n\n1. CVE-2025-47241 \u2013 Whitelist bypass in Browser Use tool (CVSS 9.3)\n2. CVE-2025-25014 \u2013 Prototype pollution in Kibana (CVSS 9.1)\n3. CVE-2025-29927 \u2013 Next.js middleware authorization bypass (CVSS 9.1)\n4. CVE-2025-24813 \u2013 Apache Tomcat path traversal RCE (Critical)\n5. CVE-2025-2783 \u2013 Chrome Mojo use-after-free (High)\n6. CVE-2025-2636 \u2013 WordPress InstaWP plugin LFI (High)\n7. CVE-2025-2505 \u2013 WordPress Age Gate plugin LFI (High)\n8. CVE-2025-2746 \u2013 Kentico CMS auth bypass (CVSS 9.8)\n9. CVE-2025-2747 \u2013 Kentico CMS staging sync auth bypass (CVSS 9.8)\n10. CVE-2025-3066 \u2013 Chrome Site Isolation use-after-free (High)\n11. CVE-2025-46728 \u2013 cpp-httplib DoS vulnerability\n12. CVE-2025-12345 \u2013 Buffer overflow in XYZ app (CVSS 9.0)\n13. CVE-2025-12346 \u2013 SQL injection in ABC web app (CVSS 8.5)\n14. CVE-2025-12347 \u2013 XSS in DEF platform (CVSS 7.8)\n15. CVE-2025-12348 \u2013 Auth bypass in GHI system (CVSS 9.2)\n16. CVE-2025-12349 \u2013 RCE in JKL service via crafted packets (CVSS 9.5)\n17. CVE-2025-12350 \u2013 Privilege escalation in MNO app (CVSS 8.7)\n18. CVE-2025-12351 \u2013 Info disclosure in PQR system (CVSS 7.5)\n19. CVE-2025-12352 \u2013 DoS in STU server (CVSS 6.8)\n20. CVE-2025-12353 \u2013 Directory traversal in VWX app (CVSS 8.0)\n21. CVE-2025-12354 \u2013 Command injection in YZA tool (CVSS 9.1)\n22. CVE-2025-12355 \u2013 Insecure deserialization in BCD lib (CVSS 9.3)\n23. CVE-2025-12356 \u2013 CSRF in EFG portal (CVSS 7.2)\n24. CVE-2025-12357 \u2013 Memory corruption in HIJ driver (CVSS 8.9)\n25. CVE-2025-12358 \u2013 Improper auth in KLM API (CVSS 9.0)\n\n#HackersFactory", "creation_timestamp": "2025-05-07T15:48:27.000000Z"}, {"uuid": "61f226be-52b3-4903-9c23-d9fb6b44006a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25056", "type": "seen", "source": "https://t.me/cvedetector/22546", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25056 - Wi-Fi AP UNIT AC-WPS-11ac Cross-Site Request Forgery\", \n  \"Content\": \"CVE ID : CVE-2025-25056 \nPublished : April 9, 2025, 9:15 a.m. | 48\u00a0minutes ago \nDescription : Cross-site request forgery vulnerability exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If a user views a malicious page while logged in, unintended operations may be performed. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-09T12:35:28.000000Z"}, {"uuid": "3424a1bb-9f16-4564-9f1f-c2e7a3133922", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25057", "type": "seen", "source": "https://t.me/cvedetector/22242", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25057 - OpenHarmony Memory Leak DoS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25057 \nPublished : April 7, 2025, 3:15 a.m. | 1\u00a0hour, 8\u00a0minutes ago \nDescription : in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-07T07:01:19.000000Z"}, {"uuid": "38398fa5-cdec-4719-b2ea-0007a781fb2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25053", "type": "seen", "source": "https://t.me/cvedetector/22545", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25053 - Wi-Fi AP UNIT 'AC-WPS-11ac series' OS Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25053 \nPublished : April 9, 2025, 9:15 a.m. | 48\u00a0minutes ago \nDescription : OS command injection vulnerability in the WEB UI (the setting page) exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, an arbitrary OS command may be executed by a remote attacker who can log in to the product. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-09T12:35:28.000000Z"}, {"uuid": "c546fcd0-7ece-4e99-bc92-d29d985b774f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2505", "type": "seen", "source": "https://t.me/cvedetector/20706", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2505 - WordPress Age Gate PHP File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2505 \nPublished : March 20, 2025, 8:15 a.m. | 1\u00a0hour, 35\u00a0minutes ago \nDescription : The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution of code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-20T11:32:45.000000Z"}, {"uuid": "4dcbe482-2375-4d83-8ecb-d17a97e1a24f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25054", "type": "seen", "source": "Telegram/G6sKo8ItrdeF5QqNdyGgeFgBBUBgnYjUcS5hA8hx4UJudBZH", "content": "", "creation_timestamp": "2025-02-19T15:39:50.000000Z"}, {"uuid": "b7bf459b-ce0b-47f4-baa0-64ee293b6f4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2505", "type": "published-proof-of-concept", "source": "Telegram/NQlvjHhG2-VIGa7A-fQOLEf1RIrC3ATUo7ji5TmFiVmJeeU", "content": "", "creation_timestamp": "2025-03-20T09:30:37.000000Z"}, {"uuid": "9458fd8e-0e2c-434d-8623-d3c5741ba92b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25052", "type": "seen", "source": "https://t.me/cvedetector/24578", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25052 - OpenHarmony Buffer Overflow Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2025-25052 \nPublished : May 6, 2025, 9:15 a.m. | 44\u00a0minutes ago \nDescription : in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through buffer overflow. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-06T12:48:30.000000Z"}]}