https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 31 May 2026 17:47:09 +0000 https://vulnerability.circl.lu/sighting/821251cd-e7e5-4ec2-b13e-9b1427566ad4/export {"uuid": "821251cd-e7e5-4ec2-b13e-9b1427566ad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48957", "type": "published-proof-of-concept", "source": "Telegram/rXYL1lXWkEU6X4s-B12vmJDiUkp3J5RpkWN8Rf8Wlc0XZWI", "content": "", "creation_timestamp": "2025-06-02T12:01:30.000000Z"} {"uuid": "821251cd-e7e5-4ec2-b13e-9b1427566ad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48957", "type": "published-proof-of-concept", "source": "Telegram/rXYL1lXWkEU6X4s-B12vmJDiUkp3J5RpkWN8Rf8Wlc0XZWI", "content": "", "creation_timestamp": "2025-06-02T12:01:30.000000Z"} https://vulnerability.circl.lu/sighting/821251cd-e7e5-4ec2-b13e-9b1427566ad4/export Mon, 02 Jun 2025 12:01:30 +0000 https://vulnerability.circl.lu/sighting/93094c6e-dd54-4b19-8fa8-beff5be42b22/export {"uuid": "93094c6e-dd54-4b19-8fa8-beff5be42b22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48957", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19248", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48957\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: AstrBot is a large language model chatbot and development framework. A path traversal vulnerability present in versions 3.4.4 through 3.5.12 may lead to information disclosure, such as API keys for LLM providers, account passwords, and other sensitive data. The vulnerability has been addressed in Pull Request #1676 and is included in version 3.5.13. As a workaround, users can edit the `cmd_config.json` file to disable the dashboard feature as a temporary workaround. However, it is strongly recommended to upgrade to version v3.5.13 or later to fully resolve this issue.\n\ud83d\udccf Published: 2025-06-02T11:16:14.370Z\n\ud83d\udccf Modified: 2025-06-23T18:03:57.703Z\n\ud83d\udd17 References:\n1. https://github.com/AstrBotDevs/AstrBot/security/advisories/GHSA-cq37-g2qp-3c2p\n2. https://github.com/AstrBotDevs/AstrBot/issues/1675\n3. https://github.com/AstrBotDevs/AstrBot/pull/1676\n4. https://github.com/AstrBotDevs/AstrBot/commit/cceadf222c46813c7f41115b40d371e7eb91e492", "creation_timestamp": "2025-06-23T18:50:43.000000Z"} {"uuid": "93094c6e-dd54-4b19-8fa8-beff5be42b22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48957", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19248", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48957\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: AstrBot is a large language model chatbot and development framework. A path traversal vulnerability present in versions 3.4.4 through 3.5.12 may lead to information disclosure, such as API keys for LLM providers, account passwords, and other sensitive data. The vulnerability has been addressed in Pull Request #1676 and is included in version 3.5.13. As a workaround, users can edit the `cmd_config.json` file to disable the dashboard feature as a temporary workaround. However, it is strongly recommended to upgrade to version v3.5.13 or later to fully resolve this issue.\n\ud83d\udccf Published: 2025-06-02T11:16:14.370Z\n\ud83d\udccf Modified: 2025-06-23T18:03:57.703Z\n\ud83d\udd17 References:\n1. https://github.com/AstrBotDevs/AstrBot/security/advisories/GHSA-cq37-g2qp-3c2p\n2. https://github.com/AstrBotDevs/AstrBot/issues/1675\n3. https://github.com/AstrBotDevs/AstrBot/pull/1676\n4. https://github.com/AstrBotDevs/AstrBot/commit/cceadf222c46813c7f41115b40d371e7eb91e492", "creation_timestamp": "2025-06-23T18:50:43.000000Z"} https://vulnerability.circl.lu/sighting/93094c6e-dd54-4b19-8fa8-beff5be42b22/export Mon, 23 Jun 2025 18:50:43 +0000 https://vulnerability.circl.lu/sighting/9441ed29-2a7b-4392-9f2b-c9b430f11ddf/export {"uuid": "9441ed29-2a7b-4392-9f2b-c9b430f11ddf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-48957", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3lx6thmbcmn23", "content": "", "creation_timestamp": "2025-08-25T01:20:08.077215Z"} {"uuid": "9441ed29-2a7b-4392-9f2b-c9b430f11ddf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-48957", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3lx6thmbcmn23", "content": "", "creation_timestamp": "2025-08-25T01:20:08.077215Z"} https://vulnerability.circl.lu/sighting/9441ed29-2a7b-4392-9f2b-c9b430f11ddf/export Mon, 25 Aug 2025 01:20:08 +0000 https://vulnerability.circl.lu/sighting/44d224f3-0d3e-44fd-9fed-f50c12148f70/export {"uuid": "44d224f3-0d3e-44fd-9fed-f50c12148f70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48957", "type": "published-proof-of-concept", "source": "https://t.me/realcodeb0ss/178", "content": "", "creation_timestamp": "2025-11-19T17:11:11.000000Z"} {"uuid": "44d224f3-0d3e-44fd-9fed-f50c12148f70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48957", "type": "published-proof-of-concept", "source": "https://t.me/realcodeb0ss/178", "content": "", "creation_timestamp": "2025-11-19T17:11:11.000000Z"} https://vulnerability.circl.lu/sighting/44d224f3-0d3e-44fd-9fed-f50c12148f70/export Wed, 19 Nov 2025 17:11:11 +0000