{"vulnerability": "cve-2025-4716", "sightings": [{"uuid": "e692e49a-01a6-4aef-a3ca-da5e683d8666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47161", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114515955677810706", "content": "", "creation_timestamp": "2025-05-16T05:53:32.368235Z"}, {"uuid": "434a4f8a-d2a9-4e11-8405-7ec60b0f95d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47166", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lt3mss627n2i", "content": "", "creation_timestamp": "2025-07-03T21:02:22.631287Z"}, {"uuid": "ee84ca34-8d06-4cd8-b986-1f8637cd9450", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47162", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrjr46pgec2g", "content": "", "creation_timestamp": "2025-06-14T01:06:08.224032Z"}, {"uuid": "2ec8f2aa-de9c-4f62-92ac-86ad3fb9b781", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47164", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrjr46pgec2g", "content": "", "creation_timestamp": "2025-06-14T01:06:08.425155Z"}, {"uuid": "ee4d1e4b-3254-4f17-9a4f-1420bf71480b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47164", "type": "seen", "source": "https://www.thezdi.com/blog/2025/6/10/the-june-2025-security-update-review", "content": "", "creation_timestamp": "2025-06-10T15:24:53.000000Z"}, {"uuid": "6800d5db-2dd0-4530-8bd4-a83eaea9c182", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47167", "type": "seen", "source": "https://www.thezdi.com/blog/2025/6/10/the-june-2025-security-update-review", "content": "", "creation_timestamp": "2025-06-10T15:24:53.000000Z"}, {"uuid": "df40aecf-5f6e-44fd-90b7-25ef73d7ee15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47162", "type": "seen", "source": "https://www.thezdi.com/blog/2025/6/10/the-june-2025-security-update-review", "content": "", "creation_timestamp": "2025-06-10T15:24:53.000000Z"}, {"uuid": "42c30671-2c45-4712-8cf6-76681a9efe22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47166", "type": "seen", "source": "https://www.thezdi.com/blog/2025/6/10/the-june-2025-security-update-review", "content": "", "creation_timestamp": "2025-06-10T15:24:53.000000Z"}, {"uuid": "03abf47a-e472-4079-98fa-313f6355360c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47160", "type": "seen", "source": "https://www.thezdi.com/blog/2025/6/10/the-june-2025-security-update-review", "content": "", "creation_timestamp": "2025-06-10T15:24:53.000000Z"}, {"uuid": "4a66a6e1-d404-4836-bcac-3914193c147c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47165", "type": "seen", "source": "https://www.thezdi.com/blog/2025/6/10/the-june-2025-security-update-review", "content": "", "creation_timestamp": "2025-06-10T15:24:53.000000Z"}, {"uuid": "80b9de23-f3aa-4719-8302-089fc665b2e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47163", "type": "seen", "source": "https://www.thezdi.com/blog/2025/6/10/the-june-2025-security-update-review", "content": "", "creation_timestamp": "2025-06-10T15:24:53.000000Z"}, {"uuid": "f2e1d384-0a65-40ed-82fa-ae1ffa3f6a92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47168", "type": "seen", "source": "https://www.thezdi.com/blog/2025/6/10/the-june-2025-security-update-review", "content": "", "creation_timestamp": "2025-06-10T15:24:53.000000Z"}, {"uuid": "62af994c-6516-49d0-a4cf-51aa226fd271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47169", "type": "seen", "source": "https://www.thezdi.com/blog/2025/6/10/the-june-2025-security-update-review", "content": "", "creation_timestamp": "2025-06-10T15:24:53.000000Z"}, {"uuid": "efe18ef0-dbbe-406b-9801-085ad7c8a86b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47166", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrbmr6imac2c", "content": "", "creation_timestamp": "2025-06-10T19:27:08.134492Z"}, {"uuid": "6485a7e1-7d06-4236-8687-5c8af0c90d8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47163", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrbmvrxite2o", "content": "", "creation_timestamp": "2025-06-10T19:29:37.100611Z"}, {"uuid": "df97857c-5eab-4644-a578-4d2eef2a4d1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47162", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrbnufxn5z23", "content": "", "creation_timestamp": "2025-06-10T19:46:44.789138Z"}, {"uuid": "1517f097-3dec-4e5b-a31b-dd837c056709", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47167", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrboy7p7up2e", "content": "", "creation_timestamp": "2025-06-10T20:06:46.139855Z"}, {"uuid": "e661f77c-23ef-40d3-8392-9a433c74457c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47161", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ltkpmbjbnu2w", "content": "", "creation_timestamp": "2025-07-09T21:02:24.755460Z"}, {"uuid": "5ad9c56b-d735-42b7-8b61-108fe7ae53c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-471638", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0189", "content": "", "creation_timestamp": "2025-06-10T16:45:25.000000Z"}, {"uuid": "597adea0-f780-42d1-a208-684a7e70a938", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-471668", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0189", "content": "", "creation_timestamp": "2025-06-10T16:45:25.000000Z"}, {"uuid": "b8634e0e-408c-4474-bac5-94af30528aa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-471697", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0189", "content": "", "creation_timestamp": "2025-06-10T16:45:25.000000Z"}, {"uuid": "c9dee71b-f37e-464f-a286-96d471ecb1cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-471687", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0189", "content": "", "creation_timestamp": "2025-06-10T16:45:25.000000Z"}, {"uuid": "7b6edaf4-b311-4c05-be21-9fce23c30a4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-471628", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0189", "content": "", "creation_timestamp": "2025-06-10T16:45:25.000000Z"}, {"uuid": "0cb996b9-34a1-4e6a-8fc3-10a97dd7df9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-471648", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0189", "content": "", "creation_timestamp": "2025-06-10T16:45:25.000000Z"}, {"uuid": "257cb2d5-738f-4c64-b75f-97b55570d3d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-471678", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0189", "content": "", "creation_timestamp": "2025-06-10T16:45:25.000000Z"}, {"uuid": "6aa1e7cc-9012-4fd5-991c-ed9f94f660a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-471657", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0189", "content": "", "creation_timestamp": "2025-06-10T16:45:25.000000Z"}, {"uuid": "5df67cfb-4529-4c96-b2e3-92965386fd6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47165", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lsigdrgynn2q", "content": "", "creation_timestamp": "2025-06-26T05:46:01.314776Z"}, {"uuid": "42310b75-e79c-4c71-af9e-a711085e7daf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47165", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lsmjzb7tsr22", "content": "", "creation_timestamp": "2025-06-27T21:02:29.700515Z"}, {"uuid": "3f8ebd3e-9721-420f-b9e4-b41759dea719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47160", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114665888991677107", "content": "", "creation_timestamp": "2025-06-11T17:23:33.172733Z"}, {"uuid": "1ab7dad5-13e2-456b-ae6f-457bb3c30d75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47161", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114513585850479893", "content": "", "creation_timestamp": "2025-05-15T19:50:51.843921Z"}, {"uuid": "812fe59c-93e9-4cce-9871-abdab5836f0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47165", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ly226rzxqo2a", "content": "", "creation_timestamp": "2025-09-04T21:02:32.460810Z"}, {"uuid": "686e587d-5e4f-42a9-a24f-034efb0ea488", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47165", "type": "seen", "source": "Telegram/P2vk45YjQVs1kRNLb_yoXwC7gYcgcoPfm4g-Zbj4iW2Ax8E", "content": "", "creation_timestamp": "2025-09-05T03:06:38.000000Z"}, {"uuid": "023fb6f9-4f29-4256-96e9-32f030544fc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47161", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16551", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47161\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Defender for Endpoint Elevation of Privilege Vulnerability\n\ud83d\udccf Published: 2025-05-15T19:21:43.092Z\n\ud83d\udccf Modified: 2025-05-15T19:21:43.092Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47161", "creation_timestamp": "2025-05-15T19:33:12.000000Z"}, {"uuid": "d60c444e-e8f8-4b75-8950-de95f485fce4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47167", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17953", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47167\n\ud83d\udd25 CVSS Score: 8.4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.\n\ud83d\udccf Published: 2025-06-10T17:02:38.763Z\n\ud83d\udccf Modified: 2025-06-10T17:02:38.763Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47167", "creation_timestamp": "2025-06-10T17:32:51.000000Z"}, {"uuid": "3f5e2eb4-1ae9-4ce9-b921-b30705907ee0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47169", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17951", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47169\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.\n\ud83d\udccf Published: 2025-06-10T17:02:39.873Z\n\ud83d\udccf Modified: 2025-06-10T17:02:39.873Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47169", "creation_timestamp": "2025-06-10T17:32:49.000000Z"}, {"uuid": "032c2c0f-6be2-4503-ad1b-c6fcffd4ba43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47168", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17952", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47168\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.\n\ud83d\udccf Published: 2025-06-10T17:02:39.308Z\n\ud83d\udccf Modified: 2025-06-10T17:02:39.308Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47168", "creation_timestamp": "2025-06-10T17:32:50.000000Z"}, {"uuid": "42e2406b-7b62-4840-a1d8-1523c017c26c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47164", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17981", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47164\n\ud83d\udd25 CVSS Score: 8.4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.\n\ud83d\udccf Published: 2025-06-10T17:02:37.067Z\n\ud83d\udccf Modified: 2025-06-10T19:11:15.120Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47164", "creation_timestamp": "2025-06-10T19:31:25.000000Z"}, {"uuid": "0837da47-1d45-49c2-90a6-7d2b82890c74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47165", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17983", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47165\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.\n\ud83d\udccf Published: 2025-06-10T17:02:37.548Z\n\ud83d\udccf Modified: 2025-06-10T19:08:51.704Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47165", "creation_timestamp": "2025-06-10T19:31:27.000000Z"}, {"uuid": "2262914f-a185-4904-b78f-55b08c9ef04a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47163", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18023", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47163\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.\n\ud83d\udccf Published: 2025-06-10T17:02:36.450Z\n\ud83d\udccf Modified: 2025-06-10T23:15:34.389Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47163", "creation_timestamp": "2025-06-10T23:33:07.000000Z"}, {"uuid": "3c7d1d09-5891-4856-84f2-d6244792c0ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47166", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18022", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47166\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.\n\ud83d\udccf Published: 2025-06-10T17:02:38.208Z\n\ud83d\udccf Modified: 2025-06-10T23:15:36.194Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47166", "creation_timestamp": "2025-06-10T23:33:06.000000Z"}, {"uuid": "7d234ef8-ee65-46a4-b261-482949bfaef6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47162", "type": "exploited", "source": "https://t.me/kasperskyb2b/1772", "content": "\ud83d\udcbb \u0418\u044e\u043d\u044c\u0441\u043a\u0438\u0439 Patch Tuesday: \u0434\u0432\u0430 \u0437\u0438\u0440\u043e\u0434\u0435\u044f, \u043e\u0434\u0438\u043d \u0431\u043e\u0435\u0432\u043e\u0439\n\n\u041f\u0435\u0440\u0432\u044b\u0439 \u043b\u0435\u0442\u043d\u0438\u0439 \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043f\u0430\u0442\u0447\u0435\u0439 \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u043d\u0435 \u043e\u0447\u0435\u043d\u044c \u043e\u0431\u044a\u0451\u043c\u043d\u044b\u043c \u2014 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e 67 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0445 10 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0438 57 \u0432\u0430\u0436\u043d\u044b\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432. 26 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a RCE, 13 \u2014 EoP, 3 \u2014 \u043e\u0431\u0445\u043e\u0434\u0443 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 6 \u2014 DoS, 17 \u2014 \u0443\u0442\u0435\u0447\u043a\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0417\u0438\u0440\u043e\u0434\u0435\u0438\n\u0412 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f CVE-2025-33053 (CVSS3.1 8.8) \u2014 RCE \u0432 WebDAV, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0439 \u043a \u0437\u0430\u043f\u0443\u0441\u043a\u0443 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445, \u043a\u043e\u0433\u0434\u0430 \u0436\u0435\u0440\u0442\u0432\u0430 \u043a\u043b\u0438\u043a\u043d\u0435\u0442 \u043d\u0430 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0441\u0441\u044b\u043b\u043a\u0443. \u0414\u043b\u044f \u0440\u0430\u0437\u043d\u043e\u043e\u0431\u0440\u0430\u0437\u0438\u044f \u0441\u0440\u0430\u0437\u0443 \u0435\u0441\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e \u0441\u0430\u043c\u043e\u0439 \u0430\u0442\u0430\u043a\u0435, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c APT Stealth Falcon \u043f\u0440\u043e\u0442\u0438\u0432 \u043c\u0438\u0448\u0435\u043d\u0435\u0439 \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435. \n\n\u0421\u043e \u0432\u0442\u043e\u0440\u044b\u043c 0day \u0434\u0435\u043b\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0435\u0435 \u2014 \u044d\u0442\u043e CVE-2025-33073 (8.8), EoP \u0432 SMB-\u043a\u043b\u0438\u0435\u043d\u0442\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u0440\u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0438 \u043a \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 SMB-\u0441\u0435\u0440\u0432\u0435\u0440\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c system \u043d\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u0441\u043a\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435. \u0417\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f\u0442 \u0446\u0435\u043b\u0443\u044e \u0433\u0440\u0443\u043f\u043f\u0443 \u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439, \u043d\u043e \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044f\u043a\u043e\u0431\u044b \u043d\u0435\u0442.  \u0411\u0443\u0434\u0435\u043c \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0442\u044c \u0437\u0430 \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u0435\u043c \u0441\u043e\u0431\u044b\u0442\u0438\u0439.\n\n\u041e\u043f\u0430\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\n\u0426\u0435\u043b\u044b\u0439 \u0431\u0443\u043a\u0435\u0442 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 Office \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440 \u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f: CVE-2025-47162, -47164, -47167, -47953. \u0412\u0441\u0435 RCE, \u0443 \u0432\u0441\u0435\u0445 CVSS 8.4\n\nCVE-2025-33070 (8.4) \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Netlogon \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0430, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0434\u043e\u043c\u0435\u043d\u043d\u043e\u043c\u0443 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443.   \n\nCVE-2025-29828 (8.1) \u2014 RCE \u0432 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0430\u0445 Windows, \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u043f\u0440\u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0435 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0445 \u0444\u0440\u0430\u0433\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 TLS ClientHello.\n\n\u0422\u0430\u043a\u0436\u0435 \u0441\u0442\u043e\u044f\u0442 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f RCE \u0432 KDC Proxy Service (CVE-2025-33071, 8.1) \u0438 SharePoint (CVE-2025-47172, 8.8)\n\nCVE-2025-32713 (7.8) \u2014 \u0435\u0449\u0451 \u043e\u0434\u043d\u0430 EoP \u0432 CLFS, \u043b\u044e\u0431\u0438\u043c\u0430\u044f \u0440\u0430\u043d\u0441\u043e\u043c\u0432\u0430\u0440\u0449\u0438\u043a\u0430\u043c\u0438. \n\n\u041e\u0441\u043e\u0431\u043d\u044f\u043a\u043e\u043c \u0441\u0442\u043e\u0438\u0442 \u043d\u043e\u0432\u044b\u0439 \u043e\u0431\u0445\u043e\u0434 Secure boot, CVE-2025-3052. \u041a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u043e\u0441\u0442\u043e\u0438\u0442 \u0432 \u043f\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438 \u0431\u0430\u0437\u044b \u043e\u0442\u043e\u0437\u0432\u0430\u043d\u043d\u044b\u0445 \u043c\u043e\u0434\u0443\u043b\u0435\u0439 UEFI, \u043a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e \u0430\u0442\u0430\u043a\u0430 \u043f\u043e\u0437\u0438\u0446\u0438\u043e\u043d\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u0430\u044f. \u0423\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043e\u0431\u0440\u0430\u0437\u044b \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u044b \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u043c 2011 \u0433\u043e\u0434\u0430, \u0438\u0441\u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0441\u043a\u043e\u0440\u043e \u0441\u043e\u0437\u0434\u0430\u0441\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0434\u043b\u044f \u043f\u043e\u0436\u0438\u043b\u044b\u0445 \u043f\u0430\u0440\u043a\u043e\u0432 \u0442\u0435\u0445\u043d\u0438\u043a\u0438.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #Microsoft @\u041f2\u0422", "creation_timestamp": "2025-06-11T07:01:39.000000Z"}, {"uuid": "645a1b90-f64b-4deb-9bbd-0f94bc05c224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47160", "type": "seen", "source": "https://infosec.exchange/users/wdormann/statuses/116755475429413960", "content": "I just realized that I'm personally \"credited\" in April's Microsoft Patch Tuesday with a CVE-less \"Defense-in-depth\" update.\nThe vulnerability?CAB files downloaded from the internet do not write the MotW for files extracted from them.\nI reported this to MSRC, and after refusing to generate a screen recording of the exploit (I mean, really?!), they finally acknowledged the problem. However, they went radio silent after that.\nMark of the Web (MotW) evasions have gotten CVEs in the past. If we look in the last 2 years we have: CVE-2024-38213, CVE-2024-38217, CVE-2024-43487, CVE-2025-24061, CVE-2025-27472, CVE-2025-47160, CVE-2025-49740, CVE-2026-20824, CVE-2026-32225, CVE-2026-45595\nSo, why does \"Windows doesn't write MotW for extracted CAB file contents\" get a CVE?  Well, Microsoft is a CNA.  So for the most part they can invent any rules that they'd like to play by.  It could be as simple as \"We're not particularly fond of you\", and as a result, we have a vulnerability with no ID to track it.\nHere's a screen recording of a VM with March's Patch Tuesday level of updates.  When you extract a file from a CAB file, no MotW is written.  And as such, we get no protections that leverage the presence of MotW, such as SmartScreen, Smart Application Control, Office Protected View.  In this case, we have a .URL file in a CAB.  Double clicking on it results in a remote EXE running on your computer with no warning or other prompts.  But, I suppose we all know that URL files are evil and have them blocked.", "creation_timestamp": "2026-06-15T18:12:54.990260Z"}, {"uuid": "1fe6f634-3b51-4520-9e61-7190c327c3a5", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47162", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8228c44e-f0be-4b5a-ba97-52ad017a401f", "content": "", "creation_timestamp": "2026-06-19T12:46:11.082425Z"}]}