{"vulnerability": "cve-2025-5412", "sightings": [{"uuid": "0d1294f3-9421-49e4-93a7-f12e3d2cb9f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5412", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqllevxlj6b2", "content": "", "creation_timestamp": "2025-06-02T01:03:49.840171Z"}, {"uuid": "dbca7ada-aec6-4af5-89df-550bc6d3511a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5412", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqlwhqmbdl2r", "content": "", "creation_timestamp": "2025-06-02T04:22:09.379867Z"}, {"uuid": "612c0162-d0cf-4c4c-8b35-f1c99c6bbd6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54123", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m5ezvqgtqy2a", "content": "", "creation_timestamp": "2025-11-11T21:02:40.958334Z"}, {"uuid": "84d3ffde-736d-44e0-9482-08badd1d3700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54126", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lv5figghto2p", "content": "", "creation_timestamp": "2025-07-30T00:47:00.460068Z"}, {"uuid": "8dc64277-de48-45a0-b671-ae517864dff1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54121", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lv6ewswjsk2w", "content": "", "creation_timestamp": "2025-07-30T10:09:52.741472Z"}, {"uuid": "1a3cf436-abb2-4081-90d9-38dd6586830f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54121", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lv6fnfua4s2w", "content": "", "creation_timestamp": "2025-07-30T10:22:30.961615Z"}, {"uuid": "e79f5aab-6c07-4eef-87cc-0ae71c3c1e91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54125", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lyqofaf35a25", "content": "", "creation_timestamp": "2025-09-13T21:02:30.103287Z"}, {"uuid": "66b36b2b-0afc-4596-aee0-2347146dc654", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54121", "type": "seen", "source": "https://gist.github.com/KafkaWannaFly/35e254e8a55931c55cc05a2c0bb0fd31", "content": "", "creation_timestamp": "2025-11-16T10:41:12.000000Z"}, {"uuid": "36c0f515-e892-408d-9d65-213950e827fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-54123", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3lyjgypjbwa2s", "content": "", "creation_timestamp": "2025-09-11T00:01:37.488249Z"}, {"uuid": "379e7f15-7312-4366-95d0-9b3013c0e95b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-54123", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3lyjgyxnwp42q", "content": "", "creation_timestamp": "2025-09-11T00:01:40.904258Z"}, {"uuid": "ee90bd06-53ae-4784-be77-9b6d13f7fac8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54123", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-11)", "content": "", "creation_timestamp": "2025-11-11T00:00:00.000000Z"}, {"uuid": "f61fea91-5f72-4c64-b682-3aa67211844a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54123", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lz5apsr2lf2m", "content": "", "creation_timestamp": "2025-09-18T21:02:29.606477Z"}, {"uuid": "5619ad39-4c2a-4458-ad3d-20b938828226", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54125", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-54125.yaml", "content": "", "creation_timestamp": "2025-08-28T13:38:32.000000Z"}, {"uuid": "e2935382-d062-4025-ad6f-720a4cc9657f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54125", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lxnhubciqr2b", "content": "", "creation_timestamp": "2025-08-30T21:02:31.715857Z"}, {"uuid": "00e3f806-79e7-4355-96a5-11cface116d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54122", "type": "seen", "source": "MISP/2bceffac-02c3-4c54-a709-6e253b38ec76", "content": "", "creation_timestamp": "2025-09-09T20:56:42.000000Z"}, {"uuid": "16768d77-a765-47bd-a89d-da5592f50d9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54123", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-07)", "content": "", "creation_timestamp": "2026-03-07T00:00:00.000000Z"}, {"uuid": "eb02da16-3610-48de-b04a-4526acf4b3bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54123", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-15)", "content": "", "creation_timestamp": "2026-02-15T00:00:00.000000Z"}, {"uuid": "e3395856-859d-4a92-9c2a-a7bf521be904", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54123", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-14)", "content": "", "creation_timestamp": "2026-03-14T00:00:00.000000Z"}, {"uuid": "5cffbfe8-739e-4853-b188-26d674062d94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54123", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-03)", "content": "", "creation_timestamp": "2026-04-03T00:00:00.000000Z"}, {"uuid": "55833c60-ce2d-46b6-9bb4-c30c2d29aa6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54123", "type": "published-proof-of-concept", "source": "Telegram/jW6gAEx0X-7rlKDcpeYmlHPMlF_kfSwPpGXtV0Ykb6N88uc", "content": "", "creation_timestamp": "2026-03-31T03:00:07.000000Z"}, {"uuid": "677ca84c-0ec7-4e53-bcd3-1941c8ff5972", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54123", "type": "published-proof-of-concept", "source": "Telegram/Fln1CDV-IIlp7EGS7hr_JibbBYDcdeDsNTgWenTzMncUGCI", "content": "", "creation_timestamp": "2026-03-29T15:00:08.000000Z"}, {"uuid": "888f8e99-cd37-41c3-bbb3-a6e8042aae08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54123", "type": "published-proof-of-concept", "source": "Telegram/KKi08pVtUDaCAJkb9047w9y4w-ZBtgxVmflDXmeWCTkhF9g", "content": "", "creation_timestamp": "2026-03-29T03:00:06.000000Z"}, {"uuid": "77e3cf04-bc97-4d15-97b3-f92e502f215b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54123", "type": "published-proof-of-concept", "source": "Telegram/Us8JkcdKV6mNpmC49CCSXRO4qTVWF6cCKabwDZ5lsVeRzZU", "content": "", "creation_timestamp": "2026-03-31T15:00:07.000000Z"}, {"uuid": "9a420982-dd8c-4ccc-b774-4809294a380d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54123", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-05)", "content": "", "creation_timestamp": "2026-05-05T00:00:00.000000Z"}, {"uuid": "f78b0c60-ed26-4548-8b9a-792fa7b56cfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54123", "type": "seen", "source": "https://t.me/GithubRedTeam/86177", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #Exploit #CVE #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a Hoverfly-1.11.3-RCE-CVE-2025-54123-Exploit\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a 0x00phantom-hat\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-27 22:55:05\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u65e0\u63cf\u8ff0\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-27T23:00:17.000000Z"}, {"uuid": "998e2cdc-73e7-4033-b3e9-27ad7d122e2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-54123", "type": "published-proof-of-concept", "source": "https://github.com/SpectoLabs/hoverfly/security/advisories/GHSA-r4h8-hfp2-ggmf", "content": "", "creation_timestamp": "2025-09-10T18:35:23.000000Z"}, {"uuid": "b74e1e75-4c08-4603-ba48-17ef4a2c16f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-54121", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-2c2j-9gv5-cj73", "content": "", "creation_timestamp": "2025-07-21T19:34:23.000000Z"}, {"uuid": "b99620d2-a393-4a74-8862-9ea130973401", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54121", "type": "seen", "source": "https://gist.github.com/lesnargitonga/ded68f9d3d270cc386fe7c2227970ebc", "content": "{\"dependencies\": [{\"name\": \"africastalking\", \"version\": \"1.2.9\", \"vulns\": []}, {\"name\": \"aioboto3\", \"version\": \"13.1.1\", \"vulns\": []}, {\"name\": \"aiobotocore\", \"version\": \"2.13.1\", \"vulns\": []}, {\"name\": \"aiofiles\", \"version\": \"25.1.0\", \"vulns\": []}, {\"name\": \"aiohappyeyeballs\", \"version\": \"2.6.1\", \"vulns\": []}, {\"name\": \"aiohttp\", \"version\": \"3.13.5\", \"vulns\": []}, {\"name\": \"aiohttp-retry\", \"version\": \"2.9.1\", \"vulns\": []}, {\"name\": \"aioitertools\", \"version\": \"0.13.0\", \"vulns\": []}, {\"name\": \"aiosignal\", \"version\": \"1.4.0\", \"vulns\": []}, {\"name\": \"aiosqlite\", \"version\": \"0.20.0\", \"vulns\": []}, {\"name\": \"alembic\", \"version\": \"1.13.3\", \"vulns\": []}, {\"name\": \"annotated-doc\", \"version\": \"0.0.4\", \"vulns\": []}, {\"name\": \"annotated-types\", \"version\": \"0.7.0\", \"vulns\": []}, {\"name\": \"anyio\", \"version\": \"4.13.0\", \"vulns\": []}, {\"name\": \"asyncpg\", \"version\": \"0.29.0\", \"vulns\": []}, {\"name\": \"attrs\", \"version\": \"26.1.0\", \"vulns\": []}, {\"name\": \"authlib\", \"version\": \"1.7.2\", \"vulns\": []}, {\"name\": \"bandit\", \"version\": \"1.9.4\", \"vulns\": []}, {\"name\": \"bcrypt\", \"version\": \"4.2.0\", \"vulns\": []}, {\"name\": \"boolean-py\", \"version\": \"5.0\", \"vulns\": []}, {\"name\": \"boto3\", \"version\": \"1.34.131\", \"vulns\": []}, {\"name\": \"botocore\", \"version\": \"1.34.131\", \"vulns\": []}, {\"name\": \"cachecontrol\", \"version\": \"0.14.4\", \"vulns\": []}, {\"name\": \"cachetools\", \"version\": \"5.5.2\", \"vulns\": []}, {\"name\": \"certifi\", \"version\": \"2026.4.22\", \"vulns\": []}, {\"name\": \"cffi\", \"version\": \"2.0.0\", \"vulns\": []}, {\"name\": \"charset-normalizer\", \"version\": \"3.4.7\", \"vulns\": []}, {\"name\": \"click\", \"version\": \"8.4.0\", \"vulns\": []}, {\"name\": \"cryptography\", \"version\": \"48.0.0\", \"vulns\": []}, {\"name\": \"cyclonedx-python-lib\", \"version\": \"11.7.0\", \"vulns\": []}, {\"name\": \"dataclasses-json\", \"version\": \"0.6.7\", \"vulns\": []}, {\"name\": \"defusedxml\", \"version\": \"0.7.1\", \"vulns\": []}, {\"name\": \"deprecated\", \"version\": \"1.3.1\", \"vulns\": []}, {\"name\": \"distro\", \"version\": \"1.9.0\", \"vulns\": []}, {\"name\": \"dnspython\", \"version\": \"2.8.0\", \"vulns\": []}, {\"name\": \"dparse\", \"version\": \"0.6.4\", \"vulns\": []}, {\"name\": \"email-validator\", \"version\": \"2.2.0\", \"vulns\": []}, {\"name\": \"fastapi\", \"version\": \"0.115.0\", \"vulns\": []}, {\"name\": \"filelock\", \"version\": \"3.29.0\", \"vulns\": []}, {\"name\": \"filetype\", \"version\": \"1.2.0\", \"vulns\": []}, {\"name\": \"frozenlist\", \"version\": \"1.8.0\", \"vulns\": []}, {\"name\": \"google-ai-generativelanguage\", \"version\": \"0.6.15\", \"vulns\": []}, {\"name\": \"google-api-core\", \"version\": \"2.30.3\", \"vulns\": []}, {\"name\": \"google-api-python-client\", \"version\": \"2.146.0\", \"vulns\": []}, {\"name\": \"google-auth\", \"version\": \"2.53.0\", \"vulns\": []}, {\"name\": \"google-auth-httplib2\", \"version\": \"0.4.0\", \"vulns\": []}, {\"name\": \"google-auth-oauthlib\", \"version\": \"1.2.1\", \"vulns\": []}, {\"name\": \"google-genai\", \"version\": \"1.75.0\", \"vulns\": []}, {\"name\": \"google-generativeai\", \"version\": \"0.8.6\", \"vulns\": []}, {\"name\": \"googleapis-common-protos\", \"version\": \"1.75.0\", \"vulns\": []}, {\"name\": \"greenlet\", \"version\": \"3.5.0\", \"vulns\": []}, {\"name\": \"groq\", \"version\": \"0.37.1\", \"vulns\": []}, {\"name\": \"grpcio\", \"version\": \"1.80.0\", \"vulns\": []}, {\"name\": \"grpcio-status\", \"version\": \"1.71.2\", \"vulns\": []}, {\"name\": \"h11\", \"version\": \"0.16.0\", \"vulns\": []}, {\"name\": \"httpcore\", \"version\": \"1.0.9\", \"vulns\": []}, {\"name\": \"httplib2\", \"version\": \"0.31.2\", \"vulns\": []}, {\"name\": \"httptools\", \"version\": \"0.7.1\", \"vulns\": []}, {\"name\": \"httpx\", \"version\": \"0.28.1\", \"vulns\": []}, {\"name\": \"httpx-sse\", \"version\": \"0.4.3\", \"vulns\": []}, {\"name\": \"idna\", \"version\": \"3.15\", \"vulns\": []}, {\"name\": \"iniconfig\", \"version\": \"2.3.0\", \"vulns\": []}, {\"name\": \"jinja2\", \"version\": \"3.1.6\", \"vulns\": []}, {\"name\": \"jiter\", \"version\": \"0.14.0\", \"vulns\": []}, {\"name\": \"jmespath\", \"version\": \"1.1.0\", \"vulns\": []}, {\"name\": \"joblib\", \"version\": \"1.5.3\", \"vulns\": []}, {\"name\": \"joserfc\", \"version\": \"1.6.8\", \"vulns\": []}, {\"name\": \"jsonpatch\", \"version\": \"1.33\", \"vulns\": []}, {\"name\": \"jsonpointer\", \"version\": \"3.1.1\", \"vulns\": []}, {\"name\": \"langchain\", \"version\": \"1.3.2\", \"vulns\": []}, {\"name\": \"langchain-classic\", \"version\": \"1.0.7\", \"vulns\": []}, {\"name\": \"langchain-community\", \"version\": \"0.4.2\", \"vulns\": []}, {\"name\": \"langchain-core\", \"version\": \"1.4.0\", \"vulns\": []}, {\"name\": \"langchain-google-genai\", \"version\": \"4.2.3\", \"vulns\": []}, {\"name\": \"langchain-groq\", \"version\": \"1.1.2\", \"vulns\": []}, {\"name\": \"langchain-ollama\", \"version\": \"1.1.0\", \"vulns\": []}, {\"name\": \"langchain-openai\", \"version\": \"1.2.2\", \"vulns\": []}, {\"name\": \"langchain-protocol\", \"version\": \"0.0.15\", \"vulns\": []}, {\"name\": \"langchain-text-splitters\", \"version\": \"1.1.2\", \"vulns\": []}, {\"name\": \"langgraph\", \"version\": \"1.2.2\", \"vulns\": []}, {\"name\": \"langgraph-checkpoint\", \"version\": \"4.1.1\", \"vulns\": []}, {\"name\": \"langgraph-prebuilt\", \"version\": \"1.1.0\", \"vulns\": []}, {\"name\": \"langgraph-sdk\", \"version\": \"0.3.15\", \"vulns\": []}, {\"name\": \"langsmith\", \"version\": \"0.8.6\", \"vulns\": []}, {\"name\": \"license-expression\", \"version\": \"30.4.4\", \"vulns\": []}, {\"name\": \"limits\", \"version\": \"5.8.0\", \"vulns\": []}, {\"name\": \"mako\", \"version\": \"1.3.12\", \"vulns\": []}, {\"name\": \"markdown-it-py\", \"version\": \"4.2.0\", \"vulns\": []}, {\"name\": \"markupsafe\", \"version\": \"3.0.3\", \"vulns\": []}, {\"name\": \"marshmallow\", \"version\": \"3.26.2\", \"vulns\": []}, {\"name\": \"mdurl\", \"version\": \"0.1.2\", \"vulns\": []}, {\"name\": \"msgpack\", \"version\": \"1.1.2\", \"vulns\": []}, {\"name\": \"multidict\", \"version\": \"6.7.1\", \"vulns\": []}, {\"name\": \"mypy-extensions\", \"version\": \"1.1.0\", \"vulns\": []}, {\"name\": \"nltk\", \"version\": \"3.9.4\", \"vulns\": []}, {\"name\": \"numpy\", \"version\": \"1.26.4\", \"vulns\": []}, {\"name\": \"oauthlib\", \"version\": \"3.3.1\", \"vulns\": []}, {\"name\": \"ollama\", \"version\": \"0.6.2\", \"vulns\": []}, {\"name\": \"openai\", \"version\": \"2.38.0\", \"vulns\": []}, {\"name\": \"orjson\", \"version\": \"3.11.5\", \"vulns\": [{\"id\": \"CVE-2025-67221\", \"fix_versions\": [\"3.11.6\"], \"aliases\": [\"GHSA-hx9q-6w63-j58v\"], \"description\": \"The orjson.dumps function in orjson before 3.11.6 does not limit recursion for deeply nested JSON documents.\"}]}, {\"name\": \"ormsgpack\", \"version\": \"1.12.2\", \"vulns\": []}, {\"name\": \"packageurl-python\", \"version\": \"0.17.6\", \"vulns\": []}, {\"name\": \"packaging\", \"version\": \"24.2\", \"vulns\": []}, {\"name\": \"passlib\", \"version\": \"1.7.4\", \"vulns\": []}, {\"name\": \"pgvector\", \"version\": \"0.3.4\", \"vulns\": []}, {\"name\": \"pip\", \"version\": \"26.1.1\", \"vulns\": []}, {\"name\": \"pip-api\", \"version\": \"0.0.34\", \"vulns\": []}, {\"name\": \"pip-audit\", \"version\": \"2.10.0\", \"vulns\": []}, {\"name\": \"pip-requirements-parser\", \"version\": \"32.0.1\", \"vulns\": []}, {\"name\": \"platformdirs\", \"version\": \"4.9.6\", \"vulns\": []}, {\"name\": \"pluggy\", \"version\": \"1.6.0\", \"vulns\": []}, {\"name\": \"prometheus-client\", \"version\": \"0.25.0\", \"vulns\": []}, {\"name\": \"propcache\", \"version\": \"0.5.2\", \"vulns\": []}, {\"name\": \"proto-plus\", \"version\": \"1.28.0\", \"vulns\": []}, {\"name\": \"protobuf\", \"version\": \"5.29.6\", \"vulns\": []}, {\"name\": \"psycopg\", \"version\": \"3.2.3\", \"vulns\": []}, {\"name\": \"psycopg-binary\", \"version\": \"3.2.3\", \"vulns\": []}, {\"name\": \"py-serializable\", \"version\": \"2.1.0\", \"vulns\": []}, {\"name\": \"pyasn1\", \"version\": \"0.6.3\", \"vulns\": []}, {\"name\": \"pyasn1-modules\", \"version\": \"0.4.2\", \"vulns\": []}, {\"name\": \"pycparser\", \"version\": \"3.0\", \"vulns\": []}, {\"name\": \"pydantic\", \"version\": \"2.9.2\", \"vulns\": []}, {\"name\": \"pydantic-core\", \"version\": \"2.23.4\", \"vulns\": []}, {\"name\": \"pydantic-settings\", \"version\": \"2.14.1\", \"vulns\": []}, {\"name\": \"pygments\", \"version\": \"2.20.0\", \"vulns\": []}, {\"name\": \"pyjwt\", \"version\": \"2.12.0\", \"vulns\": []}, {\"name\": \"pyparsing\", \"version\": \"3.3.2\", \"vulns\": []}, {\"name\": \"pytest\", \"version\": \"8.3.3\", \"vulns\": [{\"id\": \"CVE-2025-71176\", \"fix_versions\": [\"9.0.3\"], \"aliases\": [\"GHSA-6w46-j5rx-g56g\"], \"description\": \"pytest through 9.0.2 on UNIX relies on directories with the `/tmp/pytest-of-{user}` name pattern, which allows local users to cause a denial of service or possibly gain privileges.\"}]}, {\"name\": \"pytest-asyncio\", \"version\": \"0.24.0\", \"vulns\": []}, {\"name\": \"pytest-mock\", \"version\": \"3.14.0\", \"vulns\": []}, {\"name\": \"python-dateutil\", \"version\": \"2.9.0.post0\", \"vulns\": []}, {\"name\": \"python-dotenv\", \"version\": \"1.2.2\", \"vulns\": []}, {\"name\": \"python-multipart\", \"version\": \"0.0.27\", \"vulns\": []}, {\"name\": \"pyyaml\", \"version\": \"6.0.3\", \"vulns\": []}, {\"name\": \"redis\", \"version\": \"5.0.8\", \"vulns\": []}, {\"name\": \"regex\", \"version\": \"2026.5.9\", \"vulns\": []}, {\"name\": \"requests\", \"version\": \"2.34.2\", \"vulns\": []}, {\"name\": \"requests-oauthlib\", \"version\": \"2.0.0\", \"vulns\": []}, {\"name\": \"requests-toolbelt\", \"version\": \"1.0.0\", \"vulns\": []}, {\"name\": \"respx\", \"version\": \"0.21.1\", \"vulns\": []}, {\"name\": \"rich\", \"version\": \"15.0.0\", \"vulns\": []}, {\"name\": \"rsa\", \"version\": \"4.9.1\", \"vulns\": []}, {\"name\": \"ruamel-yaml\", \"version\": \"0.19.1\", \"vulns\": []}, {\"name\": \"s3transfer\", \"version\": \"0.10.4\", \"vulns\": []}, {\"name\": \"safety\", \"version\": \"3.8.0\", \"vulns\": []}, {\"name\": \"safety-schemas\", \"version\": \"0.0.16\", \"vulns\": []}, {\"name\": \"schema\", \"version\": \"0.7.8\", \"vulns\": []}, {\"name\": \"sentry-sdk\", \"version\": \"2.18.0\", \"vulns\": []}, {\"name\": \"shellingham\", \"version\": \"1.5.4\", \"vulns\": []}, {\"name\": \"six\", \"version\": \"1.17.0\", \"vulns\": []}, {\"name\": \"slowapi\", \"version\": \"0.1.9\", \"vulns\": []}, {\"name\": \"sniffio\", \"version\": \"1.3.1\", \"vulns\": []}, {\"name\": \"sortedcontainers\", \"version\": \"2.4.0\", \"vulns\": []}, {\"name\": \"sqlalchemy\", \"version\": \"2.0.35\", \"vulns\": []}, {\"name\": \"starlette\", \"version\": \"0.38.6\", \"vulns\": [{\"id\": \"PYSEC-2026-161\", \"fix_versions\": [\"1.0.1\"], \"aliases\": [\"GHSA-86qp-5c8j-p5mr\"], \"description\": \"Starlette reconstructs the requested URL based on the HTTP Host request header and requested path, but does not perform any validation of the Host header value. This allows attackers to inject paths into the host part, prepending the actual path. However, routing in Starlette is based on the actual request path. This inconsistent interpretation of HTTP requests may lead to issues such as authentication bypass when the authentication depends on the reconstructed URL\\u2019s path.\"}, {\"id\": \"CVE-2024-47874\", \"fix_versions\": [\"0.40.0\"], \"aliases\": [\"GHSA-f96h-pmfr-66vw\"], \"description\": \"### Summary Starlette treats `multipart/form-data` parts without a `filename` as text form fields and buffers those in byte strings with no size limit. This allows an attacker to upload arbitrary large form fields and cause Starlette to both slow down significantly due to excessive memory allocations and copy operations, and also consume more and more memory until the server starts swapping and grinds to a halt, or the OS terminates the server process with an OOM error. Uploading multiple such requests in parallel may be enough to render a service practically unusable, even if reasonable request size limits are enforced by a reverse proxy in front of Starlette.  ### PoC  ```python from starlette.applications import Starlette from starlette.routing import Route  async def poc(request):     async with request.form():         pass  app = Starlette(routes=[     Route('/', poc, methods=[\\\"POST\\\"]), ]) ```  ```sh curl http://localhost:8000 -F 'big= bool:         # check for SpooledTemporaryFile._rolled         rolled_to_disk = getattr(self.file, \\\"_rolled\\\", True)         return not rolled_to_disk      async def write(self, data: bytes) -> None:         if self.size is not None:             self.size += len(data)          if self._in_memory:             self.file.write(data)         else:             await run_in_threadpool(self.file.write, data) ```  I have already created a PR which fixes the problem: https://github.com/encode/starlette/pull/2962   ### PoC See the discussion [here](https://github.com/encode/starlette/discussions/2927#discussioncomment-13721403) for steps on how to reproduce.  ### Impact To be honest, very low and not many users will be impacted. Parsing large forms is already CPU intensive so the additional IO block doesn't slow down `starlette` that much on systems with modern HDDs/SSDs. If someone is running on tape they might see a greater impact.\"}]}, {\"name\": \"stevedore\", \"version\": \"5.8.0\", \"vulns\": []}, {\"name\": \"structlog\", \"version\": \"24.4.0\", \"vulns\": []}, {\"name\": \"tenacity\", \"version\": \"8.5.0\", \"vulns\": []}, {\"name\": \"tiktoken\", \"version\": \"0.7.0\", \"vulns\": []}, {\"name\": \"tomli\", \"version\": \"2.4.1\", \"vulns\": []}, {\"name\": \"tomli-w\", \"version\": \"1.2.0\", \"vulns\": []}, {\"name\": \"tomlkit\", \"version\": \"0.15.0\", \"vulns\": []}, {\"name\": \"tqdm\", \"version\": \"4.67.3\", \"vulns\": []}, {\"name\": \"truststore\", \"version\": \"0.10.4\", \"vulns\": []}, {\"name\": \"twilio\", \"version\": \"9.3.2\", \"vulns\": []}, {\"name\": \"typer\", \"version\": \"0.25.1\", \"vulns\": []}, {\"name\": \"typing-extensions\", \"version\": \"4.15.0\", \"vulns\": []}, {\"name\": \"typing-inspect\", \"version\": \"0.9.0\", \"vulns\": []}, {\"name\": \"typing-inspection\", \"version\": \"0.4.2\", \"vulns\": []}, {\"name\": \"uritemplate\", \"version\": \"4.2.0\", \"vulns\": []}, {\"name\": \"urllib3\", \"version\": \"2.7.0\", \"vulns\": []}, {\"name\": \"uuid-utils\", \"version\": \"0.15.0\", \"vulns\": []}, {\"name\": \"uvicorn\", \"version\": \"0.30.6\", \"vulns\": []}, {\"name\": \"uvloop\", \"version\": \"0.22.1\", \"vulns\": []}, {\"name\": \"watchfiles\", \"version\": \"1.1.1\", \"vulns\": []}, {\"name\": \"webrtcvad-wheels\", \"version\": \"2.0.14\", \"vulns\": []}, {\"name\": \"websockets\", \"version\": \"16.0\", \"vulns\": []}, {\"name\": \"wrapt\", \"version\": \"1.17.3\", \"vulns\": []}, {\"name\": \"xxhash\", \"version\": \"3.7.0\", \"vulns\": []}, {\"name\": \"yarl\", \"version\": \"1.23.0\", \"vulns\": []}, {\"name\": \"zstandard\", \"version\": \"0.25.0\", \"vulns\": []}], \"fixes\": []}\n\n\n# Security audit summary \u2014 branch: security/major-upgrades-finalize\n\nRun date: 2026-05-28\n\nOverview:\n\n- Bandit: 50 low-severity findings reported (no medium/high). See `logs/security/bandit.json` for details.\n- pip-audit: Found 5 known vulnerabilities across 3 packages. Notable packages:\n  - `orjson` \u2014 CVE-2025-67221 (upgrade to >= 3.11.6)\n  - `pytest` \u2014 CVE-2025-71176 (upgrade to >= 9.0.3)\n  - `starlette` \u2014 several advisories (see `logs/security/pip_audit.json`) with recommended fix versions.\n- safety: invocation failed due to CLI flag mismatch; see `logs/security/safety.json` for raw output.\n\nRecommendations / next steps:\n\n1. Prioritize fixing dependency CVEs: bump `orjson` and `starlette` (and evaluate `pytest` upgrade impact in CI).\n2. Triage Bandit low-severity findings and address obvious issues (input validation, use of assert, etc.).\n3. Fix `scripts/security_audit.sh` safety invocation (remove `--full-report` or use supported flags) so `safety` can produce JSON output.\n4. Add automated dependency upgrade PRs (dependabot or scripted pin bump) and run CI test matrix.\n\nRaw scan outputs attached as a private gist and in `logs/security/` in JSON format.\n", "creation_timestamp": "2026-05-28T19:29:34.000000Z"}, {"uuid": "8b584532-e31d-4d23-a504-9b559933d3d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54123", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-28)", "content": "", "creation_timestamp": "2026-05-28T00:00:00.000000Z"}, {"uuid": "4d375078-deee-40e5-8fdd-ddb256cdc942", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54123", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/1e48a797-3e42-4f31-8be0-f778bce44482", "content": "", "creation_timestamp": "2026-06-19T12:45:47.112737Z"}]}