{"vulnerability": "cve-2025-7132", "sightings": [{"uuid": "ed31f6d9-96cf-4f2b-ac2b-08eb9f62cdd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71320", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moiu3xv4gm24", "content": "CVE-2025-71320 - picklescan - Remote Code Execution via Incomplete Disallowed Inputs\nCVE ID : CVE-2025-71320\n \n Published : June 17, 2026, 3:04 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.lo...", "creation_timestamp": "2026-06-17T17:37:36.163940Z"}, {"uuid": "2c72db2c-eec4-4693-b3f5-96495094327b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71325", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moiuewgeha24", "content": "CVE-2025-71325 - picklescan - Detection Bypass via STACK_GLOBAL Opcode Parsing Logic Flaw\nCVE ID : CVE-2025-71325\n \n Published : June 17, 2026, 3:05 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : picklescan before 0.0.27 contains a parsing logic error in the _list_globals func...", "creation_timestamp": "2026-06-17T17:42:36.590570Z"}, {"uuid": "1f21605a-ccdd-4cfc-b627-c8047722b255", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71323", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moivdwn5442t", "content": "CVE-2025-71323 - picklescan - Remote Code Execution via Unblocked ctypes Module\nCVE ID : CVE-2025-71323\n \n Published : June 17, 2026, 3:05 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : picklescan before 0.0.33 fails to block the ctypes module, allowing attackers to achieve re...", "creation_timestamp": "2026-06-17T17:59:57.135765Z"}, {"uuid": "d15a3274-7267-4ddc-8e66-14bbbe5bab42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71321", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moivj6w4fe2j", "content": "CVE-2025-71321 - picklescan - Arbitrary File Writing via distutils Module Bypass\nCVE ID : CVE-2025-71321\n \n Published : June 17, 2026, 3:04 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : picklescan before 0.0.33 contains an arbitrary file writing vulnerability that allows atta...", "creation_timestamp": "2026-06-17T18:02:53.421478Z"}, {"uuid": "bb4cfe4d-2185-4d41-85c4-c8d7da8472e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71322", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3moivz5yac32i", "content": "CVE-2025-71322 - PickleScan - Unsafe Globals Check Bypass via pty.spawn Function\nCVE ID : CVE-2025-71322\n \n Published : June 17, 2026, 3:04 p.m. | 2\u00a0hours, 4\u00a0minutes ago\n \n Description : PickleScan before 0.0.33 fails to include the pty.spawn function in its unsafe globals lis...", "creation_timestamp": "2026-06-17T18:11:49.397157Z"}, {"uuid": "51ababa3-6ad7-4896-b8b6-5df599de7e87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-71323", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-4675-36f9-wf6r", "content": "", "creation_timestamp": "2025-12-29T15:23:49.000000Z"}, {"uuid": "2acc20e4-2efc-439b-a05c-0e1decd9adae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-71321", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-m273-6v24-x4m4", "content": "", "creation_timestamp": "2025-12-29T15:22:30.000000Z"}, {"uuid": "b5973794-82eb-4eb4-a1a9-8a64989efa1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-71322", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-hgrh-qx5j-jfwx", "content": "", "creation_timestamp": "2025-12-29T15:26:37.000000Z"}, {"uuid": "af9ba9ea-fda7-4fa7-a0a4-02b0a9af1e73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-71325", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-9gvj-pp9x-gcfr", "content": "", "creation_timestamp": "2025-08-12T00:13:55.000000Z"}, {"uuid": "fd75023e-a648-4b33-96bc-401b568c0cf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-71320", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-84r2-jw7c-4r5q", "content": "", "creation_timestamp": "2025-12-29T15:24:20.000000Z"}, {"uuid": "7c7a8ea5-d6cc-42af-b2f9-a1b38e795bbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71326", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3monqf2ua4u24", "content": "CVE-2025-71326 - AVAST Antivirus 25.11 Unquoted Service Path Privilege Escalation\nCVE ID : CVE-2025-71326\n \n Published : June 19, 2026, 2:16 p.m. | 52\u00a0minutes ago\n \n Description : AVAST Antivirus 25.11 contains an unquoted service path vulnerability in the SecureLine service t...", "creation_timestamp": "2026-06-19T16:14:24.965751Z"}, {"uuid": "fe069d1e-0bcb-4a21-a136-94efe792a9c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71326", "type": "seen", "source": "https://www.acn.gov.it/portale/w/avast-disponibile-poc-pubblico-per-la-cve-2025-71326", "content": "Disponibile Proof of Concept (PoC) per la vulnerabilit\u00e0 identificata tramite la CVE-2025-71326 presente in Avast Antivirus (AV), noto software di sicurezza progettato per proteggere computer e dispositivi da minacce informatiche come malware, virus, ransomware e spyware. Tale vulnerabilit\u00e0, qualora sfruttata, potrebbe consentire ad un utente malintenzionato locale di elevare i propri privilegi ed eseguire codice arbitrario sui sistemi target.", "creation_timestamp": "2026-06-22T09:06:59.000000Z"}, {"uuid": "5a81a16d-3429-46fa-8a3d-61aa7b58e2a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71327", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5siul2ww2z", "content": "CVE-2025-71327 - Flowise - Authentication Bypass via Unprotected Registration Endpoint\nCVE ID : CVE-2025-71327\n \n Published : June 25, 2026, 9:41 p.m. | 3\u00a0hours, 30\u00a0minutes ago\n \n Description : Flowise contains an authentication bypass vulnerability in the unprotected /api/v1/...", "creation_timestamp": "2026-06-26T01:34:55.994065Z"}, {"uuid": "fd2ccccd-33c8-41d0-a70d-465129119e3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71328", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp5t7t2kcm2o", "content": "CVE-2025-71328 - Flowise - Unverified Password Change via Account Settings\nCVE ID : CVE-2025-71328\n \n Published : June 25, 2026, 9:41 p.m. | 3\u00a0hours, 30\u00a0minutes ago\n \n Description : Flowise before 3.0.10 contains an unverified password change vulnerability. An authenticated us...", "creation_timestamp": "2026-06-26T01:47:45.965438Z"}, {"uuid": "c43e00fb-e1c7-4051-8018-87b01640ef8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71324", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mp673kg6ry2x", "content": "CVE-2025-71324 - Flowise - Arbitrary File Read via chatId Parameter\nCVE ID : CVE-2025-71324\n \n Published : June 25, 2026, 9:41 p.m. | 7\u00a0hours, 30\u00a0minutes ago\n \n Description : Flowise before 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api...", "creation_timestamp": "2026-06-26T05:20:07.874342Z"}, {"uuid": "45a17a4c-3e58-478e-bd78-e11c406eaeaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-71327", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mphzjf4nzk2g", "content": "\ud83d\udccc CVE-2025-71327 - Flowise contains an authentication bypass vulnerability in the unprotected /api/v1/account/register endpoint that allows unauthenticated attackers to ... https://www.cyberhub.blog/cves/CVE-2025-71327", "creation_timestamp": "2026-06-30T03:07:07.025960Z"}]}