{"vulnerability": "cve-2025-4754", "sightings": [{"uuid": "17effdb4-87c7-4f3b-bae3-f311b3b7aa6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4754", "type": "seen", "source": "https://bsky.app/profile/theerlef.bsky.social/post/3lrsvf54jx227", "content": "", "creation_timestamp": "2025-06-17T16:16:40.874014Z"}, {"uuid": "ac140974-78c3-471a-9513-9a12d3656328", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4754", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18591", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4754\n\ud83d\udd25 CVSS Score: 2.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Insufficient Session Expiration vulnerability in ash-project ash_authentication_phoenix allows Session Hijacking. This vulnerability is associated with program files lib/ash_authentication_phoenix/controller.ex.\n\nThis issue affects ash_authentication_phoenix until 2.10.0.\n\ud83d\udccf Published: 2025-06-17T14:31:37.006Z\n\ud83d\udccf Modified: 2025-06-17T14:31:37.006Z\n\ud83d\udd17 References:\n1. https://github.com/team-alembic/ash_authentication_phoenix/security/advisories/GHSA-f7gq-h8jv-h3cq\n2. https://github.com/team-alembic/ash_authentication_phoenix/pull/634", "creation_timestamp": "2025-06-17T14:39:56.000000Z"}, {"uuid": "5fe4ce32-3217-4150-93af-409aa575a481", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4754", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrt3e37ptq25", "content": "", "creation_timestamp": "2025-06-17T18:03:24.505196Z"}, {"uuid": "2e03a0b0-cbe5-4ad5-a7b3-25fdf3ab7765", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47549", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15702", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47549\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF allows Upload a Web Shell to a Web Server.\n\nThis issue affects BEAF: from n/a through 4.6.10.\n\ud83d\udccf Published: 2025-05-07T14:20:19.539Z\n\ud83d\udccf Modified: 2025-05-09T08:11:43.476Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/beaf-before-and-after-gallery/vulnerability/wordpress-beaf-4-6-10-arbitrary-file-upload-vulnerability?_s_id=cve\n2. https://ryankozak.com/posts/cve-2025-47549/\n3. https://github.com/d0n601/CVE-2025-47549", "creation_timestamp": "2025-05-09T08:25:21.000000Z"}, {"uuid": "0eb1467d-f041-4494-87a6-4228c2f62906", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47549", "type": "published-proof-of-concept", "source": "Telegram/YazRL5wQLKC155Z8VxX1K8U4GAasuSOvtq6KBdJ4mEknQK4", "content": "", "creation_timestamp": "2025-05-09T13:00:07.000000Z"}]}