{"vulnerability": "cve-2025-30259", "sightings": [{"uuid": "19f89a76-3685-475c-98d3-8dec44d14a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30259", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmkw4ct2fq27", "content": "", "creation_timestamp": "2025-04-11T21:02:28.192442Z"}, {"uuid": "de372ef9-d633-43c3-9c17-092844f9e1b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30259", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkrp2abves26", "content": "", "creation_timestamp": "2025-03-20T02:54:08.777733Z"}, {"uuid": "904ff6ae-a81e-4cec-9015-08d5e6ae6557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30259", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-12T13:33:27.000000Z"}, {"uuid": "40cbe6b4-ef47-4f1a-9990-0fc18ef98099", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30259", "type": "exploited", "source": "https://t.me/DarkWebInformer_CVEAlerts/8166", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30259\n\ud83d\udd25 CVSS Score: 3.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N)\n\ud83d\udd39 Description: The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and consequently allow remote access to messaging applications by third parties, as exploited in the wild in 2024 for installation of Android malware associated with BIGPRETZEL.\n\ud83d\udccf Published: 2025-03-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-20T00:09:44.088Z\n\ud83d\udd17 References:\n1. https://www.bleepingcomputer.com/news/security/whatsapp-patched-zero-day-flaw-used-in-paragon-spyware-attacks/\n2. https://citizenlab.ca/2025/03/a-first-look-at-paragons-proliferating-spyware-operations/", "creation_timestamp": "2025-03-20T00:17:59.000000Z"}, {"uuid": "32c8a091-4f13-497c-8f58-2d83e4dda2ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30259", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-21T03:19:26.000000Z"}, {"uuid": "668b858c-1fa9-44b1-9f3f-a9ae7ab201a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30259", "type": "exploited", "source": "https://t.me/cvedetector/20690", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30259 - WhatsApp Cloud Service PDF Sandbox Evasion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30259 \nPublished : March 20, 2025, 12:15 a.m. | 1\u00a0hour, 25\u00a0minutes ago \nDescription : The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and consequently allow remote access to messaging applications by third parties, as exploited in the wild in 2024 for installation of Android malware associated with BIGPRETZEL. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-20T03:11:19.000000Z"}]}