{"vulnerability": "CVE-2025-2530", "sightings": [{"uuid": "80d0d55e-9db4-4f1e-8824-4873942fb19a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2530", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-173/", "content": "", "creation_timestamp": "2025-03-20T04:00:00.000000Z"}, {"uuid": "2653102e-33fc-4788-a0bc-9fc524bd3494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25304", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114003913828136574", "content": "", "creation_timestamp": "2025-02-14T19:34:33.995126Z"}, {"uuid": "5c5624f4-240c-4d1f-b806-ac05d60b9435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25304", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li5zg4eke72o", "content": "", "creation_timestamp": "2025-02-14T20:16:06.128363Z"}, {"uuid": "f76368b8-6abd-4cbc-9243-2087ee75bad9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25304", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3li6bzmwzoo2e", "content": "", "creation_timestamp": "2025-02-14T22:50:12.426640Z"}, {"uuid": "926dbc5d-7a76-415a-a911-bcbe27b053d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25306", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lk56ag3gql2d", "content": "", "creation_timestamp": "2025-03-11T23:00:07.797198Z"}, {"uuid": "d62fc6d8-72c8-4eb1-a593-4d30640f8fe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2530", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll7xdpgql32s", "content": "", "creation_timestamp": "2025-03-25T18:59:53.868616Z"}, {"uuid": "e0e8cde5-1260-449d-882e-dd5546785061", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25306", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lk3vyw77ib2z", "content": "", "creation_timestamp": "2025-03-11T11:00:07.101919Z"}, {"uuid": "2d6a6990-4f17-41d3-b6c8-01edebac1628", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25306", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114139864871772564", "content": "", "creation_timestamp": "2025-03-10T19:48:42.308308Z"}, {"uuid": "825f2ee6-b6e9-4875-9048-093152fbf977", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25300", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lihull4ful23", "content": "", "creation_timestamp": "2025-02-18T18:16:18.227534Z"}, {"uuid": "5af13b99-6203-4b21-a712-f1823c38d24c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25305", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lihxx2p4ei2k", "content": "", "creation_timestamp": "2025-02-18T19:16:24.642350Z"}, {"uuid": "bbc04e98-1e66-449b-9358-8bd878acf005", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25300", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3liiauwqq532c", "content": "", "creation_timestamp": "2025-02-18T21:56:19.343061Z"}, {"uuid": "0fe44fe9-1d60-4be7-ba55-ac13b37c65f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25305", "type": "seen", "source": "https://t.me/cvedetector/18337", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25305 - Home Assistant Core SSL Verification Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-25305 \nPublished : Feb. 18, 2025, 7:15 p.m. | 39\u00a0minutes ago \nDescription : Home Assistant Core is an open source home automation that puts local control and privacy first. Affected versions are subject to a potential man-in-the-middle attacks due to missing SSL certificate verification in the project codebase and used third-party libraries. In the past, `aiohttp-session`/`request` had the parameter `verify_ssl` to control SSL certificate verification. This was a boolean value. In `aiohttp` 3.0, this parameter was deprecated in favor of the `ssl` parameter. Only when `ssl` is set to `None` or provided with a correct configured SSL context the standard SSL certificate verification will happen. When migrating integrations in Home Assistant and libraries used by Home Assistant, in some cases the `verify_ssl` parameter value was just moved to the new `ssl` parameter. This resulted in these integrations and 3rd party libraries using `request.ssl = True`, which unintentionally turned off SSL certificate verification and opened up a man-in-the-middle attack vector. This issue has been addressed in version 2024.1.6 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 7.0 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-18T20:59:32.000000Z"}, {"uuid": "3047ecd8-49a4-425a-9f52-0358485e0929", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25306", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lk2cmbftsd2v", "content": "", "creation_timestamp": "2025-03-10T19:40:22.279954Z"}, {"uuid": "40385b90-0774-4419-b2bc-722b8285fd82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25302", "type": "seen", "source": "https://t.me/cvedetector/19380", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25302 - Rembg CORS Misconfiguration (Open Redirect)\", \n  \"Content\": \"CVE ID : CVE-2025-25302 \nPublished : March 3, 2025, 5:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middleware is setup incorrectly. All origins are reflected, which allows any website to send cross site requests to the rembg server and thus query any API. Even if authentication were to be enabled, allow_credentials is set to True, which would allow any website to send authenticated cross site requests. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T19:44:08.000000Z"}, {"uuid": "74a52588-f5a5-44aa-95ea-c92e3f75f74a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25301", "type": "seen", "source": "https://t.me/cvedetector/19379", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25301 - Rembg Insecure Image Retrieval Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25301 \nPublished : March 3, 2025, 5:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg server. This issue may lead to Information Disclosure. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T19:44:07.000000Z"}, {"uuid": "10ea34ac-bb42-4f14-955d-01601902da46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25303", "type": "seen", "source": "https://t.me/cvedetector/19374", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25303 - \"MouseTooltipTranslator Chrome Extension SSRF Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-25303 \nPublished : March 3, 2025, 5:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : The MouseTooltipTranslator Chrome extension allows mouseover translation of any language at once. The MouseTooltipTranslator browser extension is vulnerable to SSRF attacks. The pdf.mjs script uses the URL parameter from the current URL as the file to download and display to the extension user. Because pdf.mjs is imported in viewer.html and viewer.html is accessible to all URLs, an attacker can force the user\u2019s browser to make a request to any arbitrary URL. After discussion with maintainer, patching this issue would require disabling a major feature of the extension in exchange for a low severity vulnerability. Decision to not patch issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-03T19:44:00.000000Z"}, {"uuid": "857f2c80-65d6-4474-8551-5344d82a6abd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25306", "type": "seen", "source": "https://t.me/cvedetector/19994", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25306 - Misskey ActivityPub Object Authority Validation Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-25306 \nPublished : March 10, 2025, 7:15 p.m. | 2\u00a0hours, 17\u00a0minutes ago \nDescription : Misskey is an open source, federated social media platform. The patch for CVE-2024-52591 did not sufficiently validate the relation between the `id` and `url` fields of ActivityPub objects. An attacker can forge an object where they claim authority in the `url` field even if the specific ActivityPub object type require authority in the `id` field. Version 2025.2.1 addresses the issue. \nSeverity: 9.3 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-10T23:13:49.000000Z"}, {"uuid": "bba054df-f668-4e3a-8c43-6769e2871b65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25304", "type": "seen", "source": "https://t.me/cvedetector/18142", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25304 - Vega Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25304 \nPublished : Feb. 14, 2025, 8:15 p.m. | 2\u00a0hours, 13\u00a0minutes ago \nDescription : Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. Prior to version 5.26.0 of vega and 5.4.2 of vega-selections, the `vlSelectionTuples` function can be used to call JavaScript functions, leading to cross-site scripting.`vlSelectionTuples` calls multiple functions that can be controlled by an attacker, including one call with an attacker-controlled argument. This can be used to call `Function()` with arbitrary JavaScript and the resulting function can be called with `vlSelectionTuples` or using a type coercion to call `toString` or `valueOf`. Version 5.26.0 of vega and 5.4.2 of vega-selections fix this issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-15T00:08:42.000000Z"}, {"uuid": "70cac831-b580-45c1-8c39-5428e3ba5609", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2530", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8660", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2530\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_0, Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of dae files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23698.\n\ud83d\udccf Published: 2025-03-25T14:16:48.906Z\n\ud83d\udccf Modified: 2025-03-25T14:16:48.906Z\n\ud83d\udd17 References:\n1. https://www.zerodayinitiative.com/advisories/ZDI-25-173/", "creation_timestamp": "2025-03-25T14:24:12.000000Z"}, {"uuid": "3b880733-dddf-432b-93f1-34921f1c8af2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25300", "type": "seen", "source": "https://t.me/cvedetector/18349", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25300 - Smartbanner.js Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25300 \nPublished : Feb. 18, 2025, 6:15 p.m. | 1\u00a0hour, 39\u00a0minutes ago \nDescription : smartbanner.js is a customizable smart app banner for iOS and Android. Prior to version 1.14.1, clicking on smartbanner `View` link and navigating to 3rd party page leaves `window.opener` exposed. It may allow hostile third parties to abuse `window.opener`, e.g. by redirection or injection on the original page with smartbanner. `rel=\"noopener\"` is automatically populated to links as of `v1.14.1` which is a recommended upgrade to resolve the vulnerability. Some workarounds are available for those who cannot upgrade. Ensure `View` link is only taking users to App Store or Google Play Store where security is guarded by respective app store security teams. If `View` link is going to a third party page, limit smartbanner.js to be used on iOS that decreases the scope of the vulnerability since as of Safari 12.1,  `rel=\"noopener\"` is imposed on all `target=\"_blank\"` links. Version 1.14.1 of smartbanner.js contains a fix for the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-18T20:59:48.000000Z"}, {"uuid": "1375cae1-af5c-4411-96c8-cb545d988aaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25305", "type": "published-proof-of-concept", "source": "Telegram/2uxF_1qoFB3hlCxfLn3xIrN9O42tmrJDZ5kGfls8NVGPMqg", "content": "", "creation_timestamp": "2025-02-18T20:31:23.000000Z"}, {"uuid": "b40b231c-fc7b-40bf-abbd-3d6292a7672a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2530", "type": "seen", "source": "https://t.me/cvedetector/21102", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2530 - Luxion KeyShot DAE File Parsing Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2530 \nPublished : March 25, 2025, 3:15 p.m. | 46\u00a0minutes ago \nDescription : Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.  \n  \nThe specific flaw exists within the parsing of dae files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23698. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T17:49:08.000000Z"}, {"uuid": "c984cff3-c15f-4ff7-a001-c62e0262832e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-25304", "type": "published-proof-of-concept", "source": "https://github.com/vega/vega/security/advisories/GHSA-mp7w-mhcv-673j", "content": "", "creation_timestamp": "2025-02-14T16:10:32.000000Z"}, {"uuid": "d71ed33d-93e0-4120-b624-782712663ce4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-25305", "type": "published-proof-of-concept", "source": "https://github.com/home-assistant/core/security/advisories/GHSA-m3pm-rpgg-5wj6", "content": "", "creation_timestamp": "2025-02-18T15:20:00.000000Z"}]}