{"vulnerability": "cve-2025-5020", "sightings": [{"uuid": "995e985d-c819-41d7-b8e5-89370dc6ace5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50202", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3lruiunmdxt2v", "content": "", "creation_timestamp": "2025-06-18T07:37:59.070714Z"}, {"uuid": "b2c90188-79d2-4c9e-bd2a-d310bd65e9de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50200", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrycbdb7xt25", "content": "", "creation_timestamp": "2025-06-19T19:50:27.134390Z"}, {"uuid": "2bfc1660-41fa-4ca4-a1cc-f80a4a56d55f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50202", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrujpqorgp2r", "content": "", "creation_timestamp": "2025-06-18T07:53:08.175472Z"}, {"uuid": "3636b82d-ea52-43db-ab14-f98f9f2aad9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50201", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrwralbczp2k", "content": "", "creation_timestamp": "2025-06-19T05:13:08.752764Z"}, {"uuid": "16310c4b-aa21-4996-add2-46ac05596b35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5020", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lppjvvscq424", "content": "", "creation_timestamp": "2025-05-21T21:22:53.049963Z"}, {"uuid": "d8352e9b-0607-4e97-896f-235dcfd6f9ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50200", "type": "seen", "source": "https://gist.github.com/Darkcrai86/48dbeda711b7ba1985979945ba5affff", "content": "", "creation_timestamp": "2025-09-24T06:40:10.000000Z"}, {"uuid": "17ddfae2-d236-4004-8b10-c456340807a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50202", "type": "seen", "source": "Telegram/4r04zWJgrmQv0yEVmAWjrKvQZP1gSq3jFlo4VyC10oe-FCw", "content": "", "creation_timestamp": "2025-06-18T05:31:44.000000Z"}, {"uuid": "a7919e32-3eb6-480b-aab5-8ec581dac2e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5020", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17161", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-5020\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client This vulnerability affects Firefox for iOS < 139.\n\ud83d\udccf Published: 2025-05-21T17:18:08.510Z\n\ud83d\udccf Modified: 2025-05-21T17:18:08.510Z\n\ud83d\udd17 References:\n1. https://bugzilla.mozilla.org/show_bug.cgi?id=1951558\n2. 
https://www.mozilla.org/security/advisories/mfsa2025-39/", "creation_timestamp": "2025-05-21T17:43:15.000000Z"}, {"uuid": "1a049662-e90a-4c97-8df3-b59fedb5ff6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50201", "type": "published-proof-of-concept", "source": "Telegram/46ceI5nsxcRHJRwxF0BC6VxuGD8BgaFNIkSgqW-NagPBDfM", "content": "", "creation_timestamp": "2025-06-19T05:01:47.000000Z"}, {"uuid": "3ef1e718-596c-44a3-8bf7-f9ed4eec7cd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50202", "type": "published-proof-of-concept", "source": "https://t.me/liwaamohammad/3498", "content": "CVE-2025-50202\n\nFOFA\uff1a icon_hash=\"1848837197\"\n\nGET /image/..%2fetc%2fpasswd HTTP/1.1\n\n#exploit #poc", "creation_timestamp": "2025-06-24T22:51:37.000000Z"}, {"uuid": "9cff29d5-e329-4bf0-b397-4088b69c6647", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50200", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18869", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-50200\n\ud83d\udd25 CVSS Score: 6.7 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: RabbitMQ is a messaging and streaming broker. In versions 3.13.7 and prior, RabbitMQ is logging authorization headers in plaintext encoded in base64. When querying RabbitMQ api with HTTP/s with basic authentication it creates logs with all headers in request, including authorization headers which show base64 encoded username:password. This is easy to decode and afterwards could be used to obtain control to the system depending on credentials. 
This issue has been patched in version 4.0.8.\n\ud83d\udccf Published: 2025-06-19T16:14:24.919Z\n\ud83d\udccf Modified: 2025-06-19T16:14:24.919Z\n\ud83d\udd17 References:\n1. https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-gh3x-4x42-fvq8", "creation_timestamp": "2025-06-19T16:45:41.000000Z"}, {"uuid": "95f420ba-5d37-4457-a43d-50079ca8032d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50201", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18839", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-50201\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: WeGIA is a web manager for charitable institutions. Prior to version 3.4.2, an OS Command Injection vulnerability was identified in the /html/configuracao/debug_info.php endpoint. The branch parameter is not properly sanitized before being concatenated and executed in a shell command on the server's operating system. This flaw allows an unauthenticated attacker to execute arbitrary commands on the server with the privileges of the web server user (www-data). This issue has been patched in version 3.4.2.\n\ud83d\udccf Published: 2025-06-19T03:34:29.859Z\n\ud83d\udccf Modified: 2025-06-19T03:34:29.859Z\n\ud83d\udd17 References:\n1. https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-52p5-5fmw-9hrf\n2. 
https://github.com/LabRedesCefetRJ/WeGIA/commit/45f32ad1d52775fc99f3c90075c8136c6d4d1d3d", "creation_timestamp": "2025-06-19T04:41:30.000000Z"}, {"uuid": "81b022c3-ab2f-4c19-8927-1737ea75fe29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-50202", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18685", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-50202\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Lychee is a free photo-management tool. In versions starting from 6.6.6 to before 6.6.10, an attacker can leak local files including environment variables, nginx logs, other user's uploaded images, and configuration secrets due to a path traversal exploit in SecurePathController.php. This issue has been patched in version 6.6.10.\n\ud83d\udccf Published: 2025-06-18T04:13:01.405Z\n\ud83d\udccf Modified: 2025-06-18T04:13:01.405Z\n\ud83d\udd17 References:\n1. https://github.com/LycheeOrg/Lychee/security/advisories/GHSA-6rj9-gm78-vhf9\n2. https://github.com/LycheeOrg/Lychee/commit/ae7270b7b47e4a284ea1f69d260e52d592711072\n3. https://github.com/LycheeOrg/Lychee/blob/0709f5d984d4df77fc5e23a29a0231437e684e99/app/Http/Controllers/SecurePathController.php#L61", "creation_timestamp": "2025-06-18T04:39:49.000000Z"}]}