{"vulnerability": "cve-2025-5247", "sightings": [{"uuid": "70b071c5-51fa-4719-9388-1c69a2f1531e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52477", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsjyn57xeb2o", "content": "", "creation_timestamp": "2025-06-26T20:46:01.527319Z"}, {"uuid": "654ac13e-f024-467d-9886-18266f34afca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5247", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq6247irrxa2", "content": "", "creation_timestamp": "2025-05-27T15:50:31.738081Z"}, {"uuid": "ab8244ab-88cf-4478-8187-7568a4ba432d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5247", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lq6anlqquh2m", "content": "", "creation_timestamp": "2025-05-27T17:47:06.688103Z"}, {"uuid": "c7c74db6-b836-4c16-97c0-28a5760ebabb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52474", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrwtr3jjbw2v", "content": "", "creation_timestamp": "2025-06-19T05:58:10.183038Z"}, {"uuid": "bcfa788e-f302-4583-ab4a-aa0dff919069", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52471", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsfgyxmup22a", "content": "", "creation_timestamp": "2025-06-25T01:19:51.831630Z"}, {"uuid": "1ab836ef-f976-40bc-b9d1-759261d0b198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52472", "type": "seen", "source": "https://mastodon.social/users/leakix/statuses/115643252882270642", "content": "", "creation_timestamp": "2025-12-01T08:00:05.358543Z"}, {"uuid": "00d5308c-6cc9-45e3-852b-ac83b4c6457c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52472", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m6ztoxqqgt2b", "content": "", "creation_timestamp": "2025-12-02T21:02:37.888645Z"}, {"uuid": "1ace32ba-eda4-4441-b8d0-ef02d96b6311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52472", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-52472.yaml", "content": "", "creation_timestamp": "2025-11-03T04:08:11.000000Z"}, {"uuid": "9ba11cc4-f9ac-4675-bc73-290645eaffe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52472", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m4qw67lswh26", "content": "", "creation_timestamp": "2025-11-03T21:02:29.313051Z"}, {"uuid": "c45ce88d-ace9-4b7d-b9ac-4ca8ce2e3832", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52474", "type": "published-proof-of-concept", "source": "Telegram/46ceI5nsxcRHJRwxF0BC6VxuGD8BgaFNIkSgqW-NagPBDfM", "content": "", "creation_timestamp": "2025-06-19T05:01:47.000000Z"}, {"uuid": "384c0421-6089-4012-940f-f7fb7c82a975", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52472", "type": "published-proof-of-concept", "source": "https://t.me/realcodeb0ss/142", "content": "", "creation_timestamp": "2025-11-04T18:36:49.000000Z"}, {"uuid": "1f7a6aac-f65f-4717-a519-1560bfe5fc07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52474", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18836", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52474\n\ud83d\udd25 CVSS Score: 8.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N)\n\ud83d\udd39 Description: WeGIA is a web manager for charitable institutions. Prior to version 3.4.2, a SQL Injection vulnerability was identified in the id parameter of the /WeGIA/controle/control.php endpoint. This vulnerability allows attacker to manipulate SQL queries and access sensitive database information, such as table names and sensitive data. This issue has been patched in version 3.4.2.\n\ud83d\udccf Published: 2025-06-19T03:40:47.301Z\n\ud83d\udccf Modified: 2025-06-19T03:40:47.301Z\n\ud83d\udd17 References:\n1. https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-rwvh-2gfh-wmcm\n2. https://github.com/LabRedesCefetRJ/WeGIA/commit/b6fbb3e21b8d71e50afe0395dca44acdd1ca2e29", "creation_timestamp": "2025-06-19T04:41:27.000000Z"}, {"uuid": "56ee1ec8-d172-4e36-9952-4574995ec83f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52471", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19404", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52471\n\ud83d\udd25 CVSS Score: 7.2 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U)\n\ud83d\udd39 Description: ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficient validation of user-supplied data length in the packet receive function. Under certain conditions, this may lead to out-of-bounds memory access and may allow arbitrary memory write operations. On systems without a memory protection scheme, this behavior could potentially be used to achieve remote code execution (RCE) on the target device. In versions 5.4.2, 5.3.4, 5.2.6, and 5.1.6, ESP-NOW has added more comprehensive validation logic on user-supplied data length during packet reception to prevent integer underflow caused by negative value calculations. For ESP-IDF v5.3 and earlier, a workaround can be applied by validating that the `data_len` parameter received in the RX callback (registered via `esp_now_register_recv_cb()`) is a positive value before further processing. For ESP-IDF v5.4 and later, no application-level workaround is available. Users are advised to upgrade to a patched version of ESP-IDF to take advantage of the built-in mitigation.\n\ud83d\udccf Published: 2025-06-24T19:53:06.066Z\n\ud83d\udccf Modified: 2025-06-24T20:02:18.529Z\n\ud83d\udd17 References:\n1. https://github.com/espressif/esp-idf/security/advisories/GHSA-hqhh-cp47-fv5g\n2. https://github.com/espressif/esp-idf/commit/b1a379d57430d265a53aca13d59ddfbf2e7ac409\n3. https://github.com/espressif/esp-idf/commit/c5fc81917805f99e687c81cc56b68dc5df7ef8b5\n4. https://github.com/espressif/esp-idf/commit/d4dafbdc3572387cd4f9a62b776580bc4ac3bde7\n5. https://github.com/espressif/esp-idf/commit/d6ec5a52255b17c1d6ef379e89f9de2c379042f8\n6. https://github.com/espressif/esp-idf/commit/df7757d8279871fa7a2f42ef3962c6c1ec88b8a2\n7. https://github.com/espressif/esp-idf/commit/edc227c5eaeced999b5212943a9434379f8aad80", "creation_timestamp": "2025-06-24T20:48:01.000000Z"}, {"uuid": "f0c34d7f-8ae2-46a2-bda2-e19a57a4848a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52479", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19486", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52479\n\ud83d\udd25 CVSS Score: 7.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P)\n\ud83d\udd39 Description: HTTP.jl provides HTTP client and server functionality for Julia, and URIs.jl parses and works with Uniform Resource Identifiers (URIs). URIs.jl prior to version 1.6.0 and HTTP.jl prior to version 1.10.17 allows the construction of URIs containing CR/LF characters. If user input was not otherwise escaped or protected, this can lead to a CRLF injection attack. Users of HTTP.jl should upgrade immediately to HTTP.jl v1.10.17, and users of URIs.jl should upgrade immediately to URIs.jl v1.6.0. The check for valid URIs is now in the URI.jl package, and the latest version of HTTP.jl incorporates that fix. As a workaround, manually validate any URIs before passing them on to functions in this package.\n\ud83d\udccf Published: 2025-06-25T16:06:45.402Z\n\ud83d\udccf Modified: 2025-06-25T16:06:45.402Z\n\ud83d\udd17 References:\n1. https://github.com/JuliaWeb/HTTP.jl/security/advisories/GHSA-4g68-4pxg-mw93\n2. https://github.com/JuliaWeb/URIs.jl/pull/66", "creation_timestamp": "2025-06-25T16:47:44.000000Z"}, {"uuid": "82d718d7-62d3-47c8-a7b4-89c142facd2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52477", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19645", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52477\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: Octo-STS is a GitHub App that acts like a Security Token Service (STS) for the GitHub API. Octo-STS versions before v0.5.3 are vulnerable to unauthenticated SSRF by abusing fields in OpenID Connect tokens. Malicious tokens were shown to trigger internal network requests which could reflect error logs with sensitive information. Upgrade to v0.5.3 to resolve this issue. This version includes patch sets to sanitize input and redact logging.\n\ud83d\udccf Published: 2025-06-26T16:46:09.380Z\n\ud83d\udccf Modified: 2025-06-26T16:46:09.380Z\n\ud83d\udd17 References:\n1. https://github.com/octo-sts/app/security/advisories/GHSA-h3qp-hwvr-9xcq\n2. https://github.com/octo-sts/app/security/advisories/GHSA-h3qp-hwvr-9xcq\n3. https://github.com/octo-sts/app/commit/0f177fde54f9318e33f0bba6abaea9463a7c3afd\n4. https://github.com/octo-sts/app/commit/b3976e39bd8c8c217c0670747d34a4499043da92", "creation_timestamp": "2025-06-26T17:51:01.000000Z"}]}