{"vulnerability": "CVE-2025-2532", "sightings": [{"uuid": "a7a9bdf7-9328-4184-9cd2-e08579cdf174", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25325", "type": "seen", "source": "MISP/1e8d1b5a-3537-4a30-907d-acb1720bbd18", "content": "", "creation_timestamp": "2025-08-19T18:29:29.000000Z"}, {"uuid": "3c72f757-857e-4ad4-a01d-ad2b5d993cf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2532", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-175/", "content": "", "creation_timestamp": "2025-03-20T04:00:00.000000Z"}, {"uuid": "558e26f1-dbad-4193-a0b8-0c303f50feca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25323", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lj6hjfkeum2c", "content": "", "creation_timestamp": "2025-02-27T17:53:40.768081Z"}, {"uuid": "7add79ce-a010-4003-a798-8e3d2aee9337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25326", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lj6hjfnsfr25", "content": "", "creation_timestamp": "2025-02-27T17:53:41.326487Z"}, {"uuid": "293539fc-84d6-4d45-85e5-9bfd19593666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25325", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lj6hjfvia72p", "content": "", "creation_timestamp": "2025-02-27T17:53:42.427107Z"}, {"uuid": "9b240d53-a52e-400c-abb0-9a000956da89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25324", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lj6hjg5eaq2y", "content": "", "creation_timestamp": "2025-02-27T17:53:43.566854Z"}, {"uuid": "db20fc68-38de-492f-a2d5-c0e6dbb13043", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2532", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll7xdpdd552j", "content": "", "creation_timestamp": "2025-03-25T18:59:53.255303Z"}, {"uuid": "2229585f-4b47-4efd-b5c4-3c419585b45e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25326", "type": "seen", "source": "https://t.me/cvedetector/19059", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25326 - Merchants Union Finance iOS URL Hijacking Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25326 \nPublished : Feb. 27, 2025, 4:15 p.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : An issue in Merchants Union Consumer Finance Company Limited Merchants Union Finance iOS 6.19.0 allows attackers to access sensitive user information via supplying a crafted link. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T19:15:51.000000Z"}, {"uuid": "a41f7919-7fb0-40c9-80d1-192a895caf84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25325", "type": "seen", "source": "https://t.me/cvedetector/19058", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25325 - YuPao DirectHire iOS URL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25325 \nPublished : Feb. 27, 2025, 4:15 p.m. | 1\u00a0hour, 16\u00a0minutes ago \nDescription : An issue in Yibin Fengguan Network Technology Co., Ltd YuPao DirectHire iOS 8.8.0 allows attackers to access sensitive user information via supplying a crafted link. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T19:15:51.000000Z"}, {"uuid": "8865d0a9-9d0d-44cb-b775-c3ad072d1ae6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25324", "type": "seen", "source": "https://t.me/cvedetector/19057", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25324 - Shandong Provincial Big Data Center AiShanDong iOS Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25324 \nPublished : Feb. 27, 2025, 4:15 p.m. | 1\u00a0hour, 17\u00a0minutes ago \nDescription : An issue in Shandong Provincial Big Data Center AiShanDong iOS 5.0.0 allows attackers to access sensitive user information via supplying a crafted link. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T19:15:50.000000Z"}, {"uuid": "50e2d027-e3b4-4655-9e68-e190fac7c748", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25325", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5709", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25325\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in Yibin Fengguan Network Technology Co., Ltd YuPao DirectHire iOS 8.8.0 allows attackers to access sensitive user information via supplying a crafted link.\n\ud83d\udccf Published: 2025-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-27T16:09:09.535Z\n\ud83d\udd17 References:\n1. https://github.com/ZhouZiyi1/Vuls/blob/main/250112-YuPaoDirectHire/250112-YuPaoDirectHire.pdf", "creation_timestamp": "2025-02-27T16:26:04.000000Z"}, {"uuid": "9c8f75c2-ee35-466e-9ab0-7c516d131f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25323", "type": "seen", "source": "https://t.me/cvedetector/19061", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25323 - \"51Job iOS URL Injection\"\", \n  \"Content\": \"CVE ID : CVE-2025-25323 \nPublished : Feb. 27, 2025, 4:15 p.m. | 1\u00a0hour, 17\u00a0minutes ago \nDescription : An issue in Qianjin Network Information Technology (Shanghai) Co., Ltd 51Job iOS 14.22.0 allows attackers to access sensitive user information via supplying a crafted link. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T19:15:53.000000Z"}, {"uuid": "78e9edf1-740a-4bd2-8217-d3ddaefe62a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25329", "type": "seen", "source": "https://t.me/cvedetector/19048", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25329 - Tencent MicroVision iOS Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25329 \nPublished : Feb. 27, 2025, 5:15 p.m. | 17\u00a0minutes ago \nDescription : An issue in Tencent Technology (Beijing) Company Limited Tencent MicroVision iOS 8.137.0 allows attackers to access sensitive user information via supplying a crafted link. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-27T19:15:37.000000Z"}, {"uuid": "ce811f70-229d-4803-b874-60c6ca12e41f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25323", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5708", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25323\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in Qianjin Network Information Technology (Shanghai) Co., Ltd 51Job iOS 14.22.0 allows attackers to access sensitive user information via supplying a crafted link.\n\ud83d\udccf Published: 2025-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-27T16:10:11.211Z\n\ud83d\udd17 References:\n1. https://github.com/ZhouZiyi1/Vuls/blob/main/250111-51Job/250111-51Job.pdf", "creation_timestamp": "2025-02-27T16:26:03.000000Z"}, {"uuid": "10f7dcd1-f74c-4d86-9575-1426d2cf2e31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25324", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5710", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25324\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in Shandong Provincial Big Data Center AiShanDong iOS 5.0.0 allows attackers to access sensitive user information via supplying a crafted link.\n\ud83d\udccf Published: 2025-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-27T16:08:16.166Z\n\ud83d\udd17 References:\n1. https://github.com/ZhouZiyi1/Vuls/blob/main/250111-AiShanDong/250111-AiShanDong.pdf", "creation_timestamp": "2025-02-27T16:26:08.000000Z"}, {"uuid": "08edf9e9-5bd5-442c-9a12-25eac0e861d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25326", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5712", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25326\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in Merchants Union Consumer Finance Company Limited Merchants Union Finance iOS 6.19.0 allows attackers to access sensitive user information via supplying a crafted link.\n\ud83d\udccf Published: 2025-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-27T16:06:43.433Z\n\ud83d\udd17 References:\n1. https://github.com/ZhouZiyi1/Vuls/blob/main/250115-MerchantsUnionFinance/250115-MerchantsUnionFinance.pdf", "creation_timestamp": "2025-02-27T16:26:10.000000Z"}, {"uuid": "17bd9766-7357-4271-b9cb-db0d7c216ad8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25326", "type": "seen", "source": "Telegram/i-yX1Mw7vF1gNl42tzz7TeaK7DystZIun-GUPK45LnYaXX4s", "content": "", "creation_timestamp": "2025-03-02T11:45:37.000000Z"}, {"uuid": "46629789-8c19-44ae-bb31-230641333326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25329", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5701", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25329\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in Tencent Technology (Beijing) Company Limited Tencent MicroVision iOS 8.137.0 allows attackers to access sensitive user information via supplying a crafted link.\n\ud83d\udccf Published: 2025-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-27T16:19:17.566Z\n\ud83d\udd17 References:\n1. https://github.com/ZhouZiyi1/Vuls/blob/main/250116-TencentMicroVision/250116-TencentMicroVision.pdf", "creation_timestamp": "2025-02-27T16:25:54.000000Z"}, {"uuid": "b39086d3-0b3e-4ad5-8afa-bd8b71d2176e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2532", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8658", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2532\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_0, Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Luxion KeyShot USDC File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of usdc files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23709.\n\ud83d\udccf Published: 2025-03-25T14:17:11.135Z\n\ud83d\udccf Modified: 2025-03-25T14:17:11.135Z\n\ud83d\udd17 References:\n1. https://www.zerodayinitiative.com/advisories/ZDI-25-175/", "creation_timestamp": "2025-03-25T14:24:10.000000Z"}, {"uuid": "ad405b17-58b6-4ce1-9854-1673678be8be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2532", "type": "seen", "source": "https://t.me/cvedetector/21104", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2532 - Luxion KeyShot USDC File Parsing Use-After-Free Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2532 \nPublished : March 25, 2025, 3:15 p.m. | 46\u00a0minutes ago \nDescription : Luxion KeyShot USDC File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.  \n  \nThe specific flaw exists within the parsing of usdc files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23709. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T17:49:13.000000Z"}, {"uuid": "c1b24062-7a1d-4755-9489-3d23044a7f59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25329", "type": "seen", "source": "Telegram/DGO5ttcFro3pNtERhN9Oi3VFaiahHsoIvwwAF1CirDt60tBS", "content": "", "creation_timestamp": "2025-03-02T11:45:37.000000Z"}, {"uuid": "39a23d80-eb55-4d9d-923a-268b67e33a41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25325", "type": "seen", "source": "Telegram/iTdQgLie5-CGcmTUIXz3Fj1sZIA1cSWQMlN83NbcXV6TRr5a", "content": "", "creation_timestamp": "2025-03-02T11:45:37.000000Z"}, {"uuid": "362d03da-349e-4a67-9cfb-de6454f9326d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25324", "type": "seen", "source": "Telegram/TC6lXfe98-_XIm6jqQnJaV0JGFddP8D2v2Z6jDXWXM0FGiE-", "content": "", "creation_timestamp": "2025-03-02T11:45:37.000000Z"}, {"uuid": "42dd575a-9db1-40c6-afce-282262af731b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25323", "type": "seen", "source": "Telegram/8X-udYk_wxM3X4dhkxjb7RlZUkms1ZgogZzYrRaEUOLYWeaq", "content": "", "creation_timestamp": "2025-03-02T11:45:37.000000Z"}]}