{"vulnerability": "cve-2025-2636", "sightings": [{"uuid": "9a1aca2f-f55e-4b47-9ac5-832ca3fef88a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26361", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113991464757815941", "content": "", "creation_timestamp": "2025-02-12T14:48:37.900809Z"}, {"uuid": "829087e1-a8df-4e8f-9ef3-c06621fab0ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26368", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113991464810192408", "content": "", "creation_timestamp": "2025-02-12T14:48:41.079089Z"}, {"uuid": "51c93fed-3f8c-4df3-9edf-8d04bdb996c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26369", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113991464860891130", "content": "", "creation_timestamp": "2025-02-12T14:48:41.169873Z"}, {"uuid": "73ccb6df-3a9a-4547-a9bc-062a300918dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26360", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113991532860053925", "content": "", "creation_timestamp": "2025-02-12T15:05:55.324944Z"}, {"uuid": "d913b0bd-431b-49b8-a792-b2a5a042821e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26361", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhyhdxsodp2y", "content": "", "creation_timestamp": "2025-02-12T15:09:31.170883Z"}, {"uuid": "5552a674-e94f-4622-a69c-68f6ffc794a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26368", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhyhdyobd72v", "content": "", "creation_timestamp": "2025-02-12T15:09:34.682209Z"}, {"uuid": "7a78dff5-5712-46ee-a6b0-cb09f019105a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26369", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhyhdyvuzr22", "content": "", "creation_timestamp": "2025-02-12T15:09:35.827961Z"}, {"uuid": "8b198ea4-7f1c-4929-a77d-12041cb88c12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26361", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113991591863366797", "content": "", "creation_timestamp": "2025-02-12T15:20:55.593269Z"}, {"uuid": "511c74e4-adad-4394-9216-68faef2137c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26362", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113991591877323833", "content": "", "creation_timestamp": "2025-02-12T15:20:56.006854Z"}, {"uuid": "90b0ec7a-28c2-42d6-8fa4-b0f99e940c18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26363", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113991591892435093", "content": "", "creation_timestamp": "2025-02-12T15:20:56.153379Z"}, {"uuid": "296ca58f-6d4a-4093-9721-6dae0d2d3321", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26364", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113991591906086798", "content": "", "creation_timestamp": "2025-02-12T15:20:56.266507Z"}, {"uuid": "dae5e25c-9fdc-424e-b7d7-c0a79e4d82bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26365", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113991650909763601", "content": "", "creation_timestamp": "2025-02-12T15:35:56.590819Z"}, {"uuid": "6cf424af-93ed-400b-87eb-0f3166b57767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26366", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113991650924200386", "content": "", "creation_timestamp": "2025-02-12T15:35:56.725486Z"}, {"uuid": "9a8ee568-ed81-4224-9764-56349467db64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26367", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113991650940096022", "content": "", "creation_timestamp": "2025-02-12T15:35:57.046535Z"}, {"uuid": "df4839f0-a5c5-4f04-9db0-d19b948c54b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26368", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113991650954070534", "content": "", "creation_timestamp": "2025-02-12T15:35:57.242099Z"}, {"uuid": "33697aaa-6e84-48a7-852b-3e22c6fad08f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26369", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113991709957795348", "content": "", "creation_timestamp": "2025-02-12T15:50:57.622852Z"}, {"uuid": "b461d4cd-0d7d-479f-a032-d5ff98b4d0d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmjcrdhepi2a", "content": "", "creation_timestamp": "2025-04-11T05:43:38.013224Z"}, {"uuid": "f2c46c7e-6bab-48d4-8928-1534eb453ae3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26361", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3li2yp6xlct2s", "content": "", "creation_timestamp": "2025-02-13T15:25:23.359148Z"}, {"uuid": "3e8a1c03-2adc-4874-8ef1-6bddd0ea7eb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26361", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lhzlt5finc2t", "content": "", "creation_timestamp": "2025-02-13T02:02:18.685107Z"}, {"uuid": "66a5a408-01f3-48bc-9605-618940826fb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26361", "type": "seen", "source": "https://bsky.app/profile/vulns.bsky.social/post/3lifspzm4jq2g", "content": "", "creation_timestamp": "2025-02-17T22:37:40.705548Z"}, {"uuid": "8f0deeae-0300-48cd-856b-754dc6c5585a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26361", "type": "seen", "source": "https://bsky.app/profile/vulns.bsky.social/post/3lifspzo3sa2e", "content": "", "creation_timestamp": "2025-02-17T22:37:41.306183Z"}, {"uuid": "3a8daad0-a541-4704-b053-27dce0911428", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26361", "type": "seen", "source": "https://bsky.app/profile/vulns.bsky.social/post/3lifsq2opqi2e", "content": "", "creation_timestamp": "2025-02-17T22:37:42.415320Z"}, {"uuid": "6b6bb440-a63c-40f7-b9ca-a1ad2c19a2b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26361", "type": "seen", "source": "https://bsky.app/profile/vulns.bsky.social/post/3lifsq3p7dl2g", "content": "", "creation_timestamp": "2025-02-17T22:37:43.670842Z"}, {"uuid": "1ef06eb9-1033-4de8-90af-c110fdad9aa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26361", "type": "seen", "source": "https://bsky.app/profile/vulns.bsky.social/post/3lifsq4ptqy2q", "content": "", "creation_timestamp": "2025-02-17T22:37:44.704142Z"}, {"uuid": "06f53bb9-3314-4494-a000-c61ec8f64fee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26369", "type": "seen", "source": "https://bsky.app/profile/vulns.bsky.social/post/3lifstuj4uk2w", "content": "", "creation_timestamp": "2025-02-17T22:39:49.486022Z"}, {"uuid": "f6214cd1-4ede-409a-b471-ac22b9a66606", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26369", "type": "seen", "source": "https://bsky.app/profile/vulns.bsky.social/post/3lifstuldah2c", "content": "", "creation_timestamp": "2025-02-17T22:39:49.959041Z"}, {"uuid": "843ed149-4a86-486c-ac92-88f41eaf46ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26369", "type": "seen", "source": "https://bsky.app/profile/vulns.bsky.social/post/3lifstvltfo2e", "content": "", "creation_timestamp": "2025-02-17T22:39:51.531963Z"}, {"uuid": "a2f1fd52-6cf2-4fd1-809c-b691fec76e57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26369", "type": "seen", "source": "https://bsky.app/profile/vulns.bsky.social/post/3lifstwmeva2v", "content": "", "creation_timestamp": "2025-02-17T22:39:52.924651Z"}, {"uuid": "2756e47e-5589-4486-a270-eb138d86fe07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26369", "type": "seen", "source": "https://bsky.app/profile/vulns.bsky.social/post/3lifstxorhy2v", "content": "", "creation_timestamp": "2025-02-17T22:39:54.099256Z"}, {"uuid": "774ef750-5c1e-41a5-8040-499b8d42a1b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26368", "type": "seen", "source": "https://bsky.app/profile/vulns.bsky.social/post/3lift7cctwy2l", "content": "", "creation_timestamp": "2025-02-17T22:46:13.042051Z"}, {"uuid": "bbf364c0-a2f0-45b9-affa-98a77208d80b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26368", "type": "seen", "source": "https://bsky.app/profile/vulns.bsky.social/post/3lift7ceski2g", "content": "", "creation_timestamp": "2025-02-17T22:46:13.556153Z"}, {"uuid": "ba1acf09-323a-4fca-ad1c-60cb1fb5aa85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26368", "type": "seen", "source": "https://bsky.app/profile/vulns.bsky.social/post/3lift7df4fl2z", "content": "", "creation_timestamp": "2025-02-17T22:46:14.691130Z"}, {"uuid": "882fd6c8-44f1-4af5-91ae-77e9ef14f86b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26368", "type": "seen", "source": "https://bsky.app/profile/vulns.bsky.social/post/3lift7efppa2g", "content": "", "creation_timestamp": "2025-02-17T22:46:15.881230Z"}, {"uuid": "d2de29e8-e632-4560-8f7d-048905dc24f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-26368", "type": "seen", "source": "https://bsky.app/profile/vulns.bsky.social/post/3lift7fge662o", "content": "", "creation_timestamp": "2025-02-17T22:46:17.408600Z"}, {"uuid": "ace59408-f6f8-4ee0-8857-0a75ce929b84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114318226648146278", "content": "", "creation_timestamp": "2025-04-11T07:48:41.510258Z"}, {"uuid": "3c6c5b64-a080-4fb4-9d91-d4ed06a4caa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnfhjx23rtt2", "content": "", "creation_timestamp": "2025-04-22T10:32:23.486520Z"}, {"uuid": "504fde2e-fc66-4864-bc22-1a2c18781e58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnkna674jm32", "content": "", "creation_timestamp": "2025-04-24T11:50:45.824779Z"}, {"uuid": "f510badf-7feb-4145-b1e0-50f61821dd4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lngoden5buv2", "content": "", "creation_timestamp": "2025-04-22T21:57:46.714416Z"}, {"uuid": "3f37ea6a-dcf3-4567-a311-0fe51cb6d3a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnhsveroizc2", "content": "", "creation_timestamp": "2025-04-23T08:52:01.876197Z"}, {"uuid": "35ac01c3-eee2-4666-8fa1-7a0419f10865", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lq6lkkwz522a", "content": "", "creation_timestamp": "2025-05-27T21:02:17.276849Z"}, {"uuid": "28190b55-f9ef-4193-9346-b5dcaf528d2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnlqdj2jlic2", "content": "", "creation_timestamp": "2025-04-24T23:25:25.651968Z"}, {"uuid": "386475d6-bd27-41f5-a1ef-f2568fa1a4cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-09-10T07:00:37.000000Z"}, {"uuid": "c54f70de-943f-4daf-ae4a-d974f0033426", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-2636.yaml", "content": "", "creation_timestamp": "2025-05-26T09:11:56.000000Z"}, {"uuid": "ded8c56e-7d21-4590-8c62-2a80a5ff4d9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "seen", "source": "https://bsky.app/profile/crowdsec.bsky.social/post/3lteti7iogc2w", "content": "", "creation_timestamp": "2025-07-07T12:55:41.725527Z"}, {"uuid": "d4efcd79-aed7-471c-83b3-438db1e91d61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-08-09T17:25:37.000000Z"}, {"uuid": "2eb40c64-2a08-4062-b7cf-f4a5f038be57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11385", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2636\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The InstaWP Connect \u2013 1-click WP Staging & Migration plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.1.0.85 via the 'instawp-database-manager' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included.\n\ud83d\udccf Published: 2025-04-11T04:21:30.792Z\n\ud83d\udccf Modified: 2025-04-11T04:21:30.792Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/4c8f2c6f-c231-477c-895b-df892569ef95?source=cve\n2. https://plugins.trac.wordpress.org/browser/instawp-connect/trunk/includes/database-manager/loader.php#L77\n3. https://plugins.trac.wordpress.org/changeset/3269681/", "creation_timestamp": "2025-04-11T04:49:37.000000Z"}, {"uuid": "977aaaf3-932c-404c-8d7a-18b30d9be0ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "seen", "source": "https://t.me/NinjaSec/298", "content": "Certainly! Below is a curated list of critical CVEs from 2025 that involve code execution, browser bypasses, and internal service exposure. These are provided strictly for educational purposes to aid in understanding and mitigating such vulnerabilities.\n\n\n\ud83d\udd10 Critical CVEs from 2025 (Educational Use Only)\n\n1. CVE-2025-47241\n\nDescription: Whitelist bypass in the Browser Use automation tool allows attackers to access internal services via crafted URLs.\n\nCVSS Score: 9.3\n\nReference: \n\n\n\n2. CVE-2025-25014\n\nDescription: Prototype pollution in Kibana leads to arbitrary code execution through crafted HTTP requests to machine learning and reporting endpoints.\n\nCVSS Score: 9.1\n\nReference: \n\n\n\n3. CVE-2025-29927\n\nDescription: Authorization bypass in Next.js middleware allows attackers to access protected routes by manipulating internal headers.\n\nCVSS Score: 9.1\n\nReference: \n\n\n\n4. CVE-2025-24813\n\nDescription: \n\nCVSS Score: \n\nReference: \n\n\n\n5. CVE-2025-2783\n\nDescription: \n\nCVSS Score: High\n\nReference: \n\n\n\n6. CVE-2025-2636\n\nDescription: \n\nCVSS Score: High\n\nReference: \n\n\n\n7. CVE-2025-2505\n\nDescription: \n\nCVSS Score: High\n\nReference: \n\n\n\n8. CVE-2025-2746 & CVE-2025-2747\n\nDescription: \n\nCVSS Score: \n\nReference: \n\n\n\n9. CVE-2025-3066\n\nDescription: \n\nCVSS Score: High\n\nReference: \n\n\n\n10. CVE-2025-46728\n\nDescription: Denial of Service vulnerability in cpp-httplib, potentially exposing servers to service disruptions.\n\nCVSS Score: High\n\nReference: \n\n#HackersFactory", "creation_timestamp": "2025-05-19T12:58:14.000000Z"}, {"uuid": "469d5384-4e84-4dae-9715-a0ec4623580d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "seen", "source": "https://t.me/NinjaSec/299", "content": "Code execution, and bypass vulnerabilities \u2014 for educational purposes only:\n\n\n1. CVE-2025-47241 \u2013 Whitelist bypass in Browser Use tool (CVSS 9.3)\n2. CVE-2025-25014 \u2013 Prototype pollution in Kibana (CVSS 9.1)\n3. CVE-2025-29927 \u2013 Next.js middleware authorization bypass (CVSS 9.1)\n4. CVE-2025-24813 \u2013 Apache Tomcat path traversal RCE (Critical)\n5. CVE-2025-2783 \u2013 Chrome Mojo use-after-free (High)\n6. CVE-2025-2636 \u2013 WordPress InstaWP plugin LFI (High)\n7. CVE-2025-2505 \u2013 WordPress Age Gate plugin LFI (High)\n8. CVE-2025-2746 \u2013 Kentico CMS auth bypass (CVSS 9.8)\n9. CVE-2025-2747 \u2013 Kentico CMS staging sync auth bypass (CVSS 9.8)\n10. CVE-2025-3066 \u2013 Chrome Site Isolation use-after-free (High)\n11. CVE-2025-46728 \u2013 cpp-httplib DoS vulnerability\n12. CVE-2025-12345 \u2013 Buffer overflow in XYZ app (CVSS 9.0)\n13. CVE-2025-12346 \u2013 SQL injection in ABC web app (CVSS 8.5)\n14. CVE-2025-12347 \u2013 XSS in DEF platform (CVSS 7.8)\n15. CVE-2025-12348 \u2013 Auth bypass in GHI system (CVSS 9.2)\n16. CVE-2025-12349 \u2013 RCE in JKL service via crafted packets (CVSS 9.5)\n17. CVE-2025-12350 \u2013 Privilege escalation in MNO app (CVSS 8.7)\n18. CVE-2025-12351 \u2013 Info disclosure in PQR system (CVSS 7.5)\n19. CVE-2025-12352 \u2013 DoS in STU server (CVSS 6.8)\n20. CVE-2025-12353 \u2013 Directory traversal in VWX app (CVSS 8.0)\n21. CVE-2025-12354 \u2013 Command injection in YZA tool (CVSS 9.1)\n22. CVE-2025-12355 \u2013 Insecure deserialization in BCD lib (CVSS 9.3)\n23. CVE-2025-12356 \u2013 CSRF in EFG portal (CVSS 7.2)\n24. CVE-2025-12357 \u2013 Memory corruption in HIJ driver (CVSS 8.9)\n25. CVE-2025-12358 \u2013 Improper auth in KLM API (CVSS 9.0)\n\n#HackersFactory", "creation_timestamp": "2025-05-07T15:48:27.000000Z"}, {"uuid": "d91f9b21-84bd-4936-bc6a-a416597cb7cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26365", "type": "seen", "source": "https://t.me/cvedetector/17873", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26365 - Q-Free MaxTime Missing Authentication for Critical Function\", \n  \"Content\": \"CVE ID : CVE-2025-26365 \nPublished : Feb. 12, 2025, 2:15 p.m. | 38\u00a0minutes ago \nDescription : A CWE-306 \"Missing Authentication for Critical Function\" in maxprofile/setup/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to enable front panel authentication via crafted HTTP requests. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T16:02:48.000000Z"}, {"uuid": "7f8eea2b-6e5d-44c3-804e-8a0542609bf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26360", "type": "seen", "source": "https://t.me/cvedetector/17884", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26360 - Q-Free MaxTime Missing Authentication Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-26360 \nPublished : Feb. 12, 2025, 2:15 p.m. | 38\u00a0minutes ago \nDescription : A CWE-306 \"Missing Authentication for Critical Function\" in maxprofile/persistance/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to delete dashboards via crafted HTTP requests. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T16:03:03.000000Z"}, {"uuid": "c5d3385f-5db3-4713-9098-291cf4506183", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26364", "type": "seen", "source": "https://t.me/cvedetector/17878", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26364 - Q-Free MaxTime Missing Authentication Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-26364 \nPublished : Feb. 12, 2025, 2:15 p.m. | 38\u00a0minutes ago \nDescription : A CWE-306 \"Missing Authentication for Critical Function\" in maxprofile/setup/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to disable an authentication profile server via crafted HTTP requests. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T16:02:55.000000Z"}, {"uuid": "c5250718-1827-4edf-9d17-4772bbf45d07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26368", "type": "seen", "source": "https://t.me/cvedetector/17875", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26368 - Q-Free MaxTime Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-26368 \nPublished : Feb. 12, 2025, 2:15 p.m. | 38\u00a0minutes ago \nDescription : A CWE-862 \"Missing Authorization\" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated (low-privileged) attacker to remove user groups via crafted HTTP requests. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T16:02:52.000000Z"}, {"uuid": "dcd62560-d913-429b-bb20-cb8a6b7c8340", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26367", "type": "seen", "source": "https://t.me/cvedetector/17874", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26367 - Q-Free MaxTime Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-26367 \nPublished : Feb. 12, 2025, 2:15 p.m. | 38\u00a0minutes ago \nDescription : A CWE-862 \"Missing Authorization\" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated (low-privileged) attacker to create arbitrary user groups via crafted HTTP requests. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T16:02:49.000000Z"}, {"uuid": "bb6507f8-c10c-4b2b-803a-b7320bd3c50c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26369", "type": "seen", "source": "https://t.me/cvedetector/17876", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26369 - Q-Free MaxTime Authorization Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-26369 \nPublished : Feb. 12, 2025, 2:15 p.m. | 38\u00a0minutes ago \nDescription : A CWE-862 \"Missing Authorization\" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated (low-privileged) attacker to add privileges to user groups via crafted HTTP requests. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T16:02:53.000000Z"}, {"uuid": "980c0785-d2ae-4a2e-996d-dd5817600e11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26369", "type": "seen", "source": "Telegram/vEXhmHLUKpE92yUkDLFo_nQzaP6w4B8ZTzitUZ1_hGZlUqw", "content": "", "creation_timestamp": "2025-02-12T15:37:02.000000Z"}, {"uuid": "eb15f50f-1867-41f8-9468-d72a40c24e75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "seen", "source": "https://t.me/cvedetector/22722", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2636 - InstaWP Connect WordPress Local File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2636 \nPublished : April 11, 2025, 5:15 a.m. | 2\u00a0hours, 1\u00a0minute ago \nDescription : The InstaWP Connect \u2013 1-click WP Staging & Migration plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.1.0.85 via the 'instawp-database-manager' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other \u201csafe\u201d file types can be uploaded and included. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-11T09:45:33.000000Z"}, {"uuid": "9fc68baf-e21f-46fd-b58b-d2338a7929d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26362", "type": "seen", "source": "Telegram/-xvFghkm9wAI3OH5CI2F-m8akBasfMJYjd3uJLYtuPd0nF4", "content": "", "creation_timestamp": "2025-02-12T15:37:04.000000Z"}, {"uuid": "033294bb-82dd-4bc6-9596-885161c03291", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26366", "type": "seen", "source": "Telegram/-xvFghkm9wAI3OH5CI2F-m8akBasfMJYjd3uJLYtuPd0nF4", "content": "", "creation_timestamp": "2025-02-12T15:37:04.000000Z"}, {"uuid": "e679949f-df5b-4db7-b431-376b47d6e5e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26368", "type": "seen", "source": "Telegram/-xvFghkm9wAI3OH5CI2F-m8akBasfMJYjd3uJLYtuPd0nF4", "content": "", "creation_timestamp": "2025-02-12T15:37:04.000000Z"}, {"uuid": "5a7e673b-3da2-465e-9365-d8466c3faf58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26366", "type": "seen", "source": "https://t.me/cvedetector/17879", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26366 - Q-Free MaxTime Missing Authentication Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-26366 \nPublished : Feb. 12, 2025, 2:15 p.m. | 38\u00a0minutes ago \nDescription : A CWE-306 \"Missing Authentication for Critical Function\" in maxprofile/setup/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to disable front panel authentication via crafted HTTP requests. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-12T16:02:56.000000Z"}, {"uuid": "2cfeb741-aa36-4449-a384-f628ed7efa2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26362", "type": "published-proof-of-concept", "source": "Telegram/lZEJiQD3O_3xPf1pBYP5mgJTFa8U9Tg1CM3lnY7moTw8EfI", "content": "", "creation_timestamp": "2025-02-12T15:37:05.000000Z"}, {"uuid": "3df4b629-4316-464b-b795-2871b0ca4b28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26361", "type": "published-proof-of-concept", "source": "Telegram/lZEJiQD3O_3xPf1pBYP5mgJTFa8U9Tg1CM3lnY7moTw8EfI", "content": "", "creation_timestamp": "2025-02-12T15:37:05.000000Z"}, {"uuid": "f3747ff4-b4df-4ab1-9324-1b5134d37616", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26365", "type": "seen", "source": "Telegram/-xvFghkm9wAI3OH5CI2F-m8akBasfMJYjd3uJLYtuPd0nF4", "content": "", "creation_timestamp": "2025-02-12T15:37:04.000000Z"}, {"uuid": "6b7156a2-f0a3-4f77-90b8-bfaf405cc9d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26363", "type": "seen", "source": "Telegram/-xvFghkm9wAI3OH5CI2F-m8akBasfMJYjd3uJLYtuPd0nF4", "content": "", "creation_timestamp": "2025-02-12T15:37:04.000000Z"}, {"uuid": "4c279de5-8afb-4ade-a07b-50f42b659f1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26369", "type": "seen", "source": "Telegram/-xvFghkm9wAI3OH5CI2F-m8akBasfMJYjd3uJLYtuPd0nF4", "content": "", "creation_timestamp": "2025-02-12T15:37:04.000000Z"}, {"uuid": "ddca09a8-000d-4b25-b400-4db105fd15a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26364", "type": "seen", "source": "Telegram/-xvFghkm9wAI3OH5CI2F-m8akBasfMJYjd3uJLYtuPd0nF4", "content": "", "creation_timestamp": "2025-02-12T15:37:04.000000Z"}, {"uuid": "0421d070-41a7-4393-a01a-851b48ca259d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2636", "type": "seen", "source": "Telegram/1qB1RkFwmv6BnoBfhjsBs3Xuw4shoXW4r5UiSJIaf3TtndU", "content": "", "creation_timestamp": "2025-04-22T09:12:54.000000Z"}]}