{"vulnerability": "cve-2025-6648", "sightings": [{"uuid": "b2ae2bd2-c3a3-4f9a-ac08-3a06a5e1e757", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-6648", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lshulzegs62a", "content": "", "creation_timestamp": "2025-06-26T00:28:29.407350Z"}, {"uuid": "40110069-0fae-41d4-9a35-03984c89ad9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-66489", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m74fftjq2p2b", "content": "", "creation_timestamp": "2025-12-03T21:24:49.876006Z"}, {"uuid": "751dc95c-4f69-4a70-ac40-c02506c70987", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-6648", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-433/", "content": "", "creation_timestamp": "2025-06-25T03:00:00.000000Z"}, {"uuid": "1b814ad5-5262-4be1-8442-35f394aefa8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-66489", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/115658722177361585", "content": "", "creation_timestamp": "2025-12-04T01:34:06.729882Z"}, {"uuid": "b448a781-e345-4ff3-816b-8c0193eb4f34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-66489", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3m74tdlwa3x2s", "content": "", "creation_timestamp": "2025-12-04T01:34:07.793655Z"}, {"uuid": "47a27d8a-56dc-4b60-9745-7b8ef8c62ba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-66480", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mdvysr5by623", "content": "", "creation_timestamp": "2026-02-02T23:29:25.281822Z"}, {"uuid": "590f1866-5c54-48b2-ac0e-f1ceececcad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-66489", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3m7h2zu53sx2i", "content": "", "creation_timestamp": "2025-12-08T03:18:27.595465Z"}, {"uuid": "ca521b9d-b880-428f-9e20-f50419a7f307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-66481", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/115687039459245317", "content": "", "creation_timestamp": "2025-12-09T01:35:34.160269Z"}, {"uuid": "9ed9388b-2c72-4f47-8a4a-f346bd2a46ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-66480", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mdvytlluca25", "content": "", "creation_timestamp": "2026-02-02T23:29:53.069918Z"}, {"uuid": "171b550a-59de-4fb3-a5bb-15e53479362c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-66481", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3m7jfqssj6w27", "content": "", "creation_timestamp": "2025-12-09T01:35:35.268141Z"}, {"uuid": "5a8ead91-6d51-42cc-8b1d-1768e67da70d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-66481", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m7jk76l6ze2q", "content": "", "creation_timestamp": "2025-12-09T02:55:11.861507Z"}, {"uuid": "961eaddd-ac55-47ba-b571-f619767ec0e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-66489", "type": "seen", "source": "https://infosec.exchange/users/technadu/statuses/115688169112189720", "content": "", "creation_timestamp": "2025-12-09T06:22:51.278325Z"}, {"uuid": "e5da9dc7-5c98-4d02-95ff-22b4602e34e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-66489", "type": "seen", "source": "https://bsky.app/profile/technadu.com/post/3m7jvvp3ns226", "content": "", "creation_timestamp": "2025-12-09T06:24:48.252054Z"}, {"uuid": "e5c0ac45-8c89-43d6-8672-f3a694f56e08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-66482", "type": "published-proof-of-concept", "source": "Telegram/mJFISOaG9sdliiq532xrtHTh4hR6RCcMc304VWQpxZ4gXns", "content": "", "creation_timestamp": "2026-01-06T20:11:53.000000Z"}, {"uuid": "4f483c3c-bb9b-4cf7-9d02-288f8acdd268", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-66489", "type": "published-proof-of-concept", "source": "Telegram/GKw6KWu74hDM5ChLJJmVxv5UVQ8gqkAeQo71ShuHxpLjmP0", "content": "", "creation_timestamp": "2025-12-21T15:00:08.000000Z"}, {"uuid": "8e20285e-e4d6-438c-9f52-a57d92a8d350", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-6648", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19535", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-6648\n\ud83d\udd25 CVSS Score: 3.3 (cvssV3_0, Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26671.\n\ud83d\udccf Published: 2025-06-25T21:42:51.639Z\n\ud83d\udccf Modified: 2025-06-25T21:42:51.639Z\n\ud83d\udd17 References:\n1. https://www.zerodayinitiative.com/advisories/ZDI-25-433/\n2. https://www.pdf-xchange.com/support/security-bulletins.html", "creation_timestamp": "2025-06-25T21:50:19.000000Z"}, {"uuid": "b1a19ee1-f630-4986-8a44-df7e4ffb7d7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-66489", "type": "published-proof-of-concept", "source": "Telegram/rLKCH5UMyA6F-Z6d5BZHqsI3KF4VWjnDtolwppvitA45OA", "content": "", "creation_timestamp": "2025-12-08T18:48:33.000000Z"}, {"uuid": "07703076-2da7-42a2-bb5e-10edc61cad51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-66489", "type": "published-proof-of-concept", "source": "Telegram/KhP08QO7_METb6I7HjASrP1eXHc6jEsXOl-U_rWhwWcwwg", "content": "", "creation_timestamp": "2025-12-08T18:48:31.000000Z"}, {"uuid": "231e1f2c-dfe0-403f-b15d-1d5fc5c564f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-66482", "type": "published-proof-of-concept", "source": "https://github.com/misskey-dev/misskey/security/advisories/GHSA-wwrj-3hvj-prpm", "content": "", "creation_timestamp": "2025-12-13T10:32:43.000000Z"}]}