{"vulnerability": "cve-2025-2190", "sightings": [{"uuid": "304a4c4c-e8ae-4b05-9cad-535cd3f2483f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2190", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114144581938818531", "content": "", "creation_timestamp": "2025-03-11T15:48:20.417083Z"}, {"uuid": "920e78ca-8bbb-4243-9414-b97736b3f8f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21908", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "91221f19-2272-4bc5-8ed2-0e6647be52c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2190", "type": "seen", "source": "https://t.me/cvedetector/20035", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2190 - TranssNet Store Man-in-the-Middle Attack Code Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2190 \nPublished : March 11, 2025, 7:15 a.m. | 46\u00a0minutes ago \nDescription : The mobile application (com.transsnet.store) has a man-in-the-middle attack vulnerability, which may lead to code injection risks. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-11T09:15:40.000000Z"}, {"uuid": "af8730e9-4208-4ecc-b92a-231acb138c09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2190", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7108", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2190\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The mobile application (com.transsnet.store) has a man-in-the-middle attack vulnerability, which may lead to code injection risks.\n\ud83d\udccf Published: 2025-03-11T07:09:09.942Z\n\ud83d\udccf Modified: 2025-03-11T07:09:09.942Z\n\ud83d\udd17 References:\n1. https://security.tecno.com/SRC/blogdetail/393?lang=en_US\n2. https://security.tecno.com/SRC/securityUpdates", "creation_timestamp": "2025-03-11T07:39:34.000000Z"}, {"uuid": "ae3266ff-e487-49fb-b584-db7a395b846b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21901", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9920", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21901\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Add sanity checks on rdev validity\n\nThere is a possibility that ulp_irq_stop and ulp_irq_start\ncallbacks will be called when the device is in detached state.\nThis can cause a crash due to NULL pointer dereference as\nthe rdev is already freed.\n\ud83d\udccf Published: 2025-04-01T15:26:51.807Z\n\ud83d\udccf Modified: 2025-04-01T15:26:51.807Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/aed1bc673907e3df372b317c10ff2f3582f8bf1a\n2. https://git.kernel.org/stable/c/8cb0eef46d70a99c88c26a1addb7fd955242e0e6\n3. https://git.kernel.org/stable/c/f0df225d12fcb049429fb5bf5122afe143c2dd15", "creation_timestamp": "2025-04-01T15:32:37.000000Z"}, {"uuid": "187801ea-2c7e-44ac-995b-53ead82e1014", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21900", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9921", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21900\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4: Fix a deadlock when recovering state on a sillyrenamed file\n\nIf the file is sillyrenamed, and slated for delete on close, it is\npossible for a server reboot to triggeer an open reclaim, with can again\nrace with the application call to close(). When that happens, the call\nto put_nfs_open_context() can trigger a synchronous delegreturn call\nwhich deadlocks because it is not marked as privileged.\n\nInstead, ensure that the call to nfs4_inode_return_delegation_on_close()\ncatches the delegreturn, and schedules it asynchronously.\n\ud83d\udccf Published: 2025-04-01T15:26:51.290Z\n\ud83d\udccf Modified: 2025-04-01T15:26:51.290Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/4fe4ae6c2e01d028856b73b6328b12b8945df871\n2. https://git.kernel.org/stable/c/f41a60bc43e7abbc636fee78bed0d74c31e738b0\n3. https://git.kernel.org/stable/c/8f8df955f078e1a023ee55161935000a67651f38", "creation_timestamp": "2025-04-01T15:32:38.000000Z"}]}