{"uuid": "73f7c4bb-b36d-43d4-bca8-4d275b6f1c9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23209", "type": "seen", "source": "https://t.me/brutsecurity/1553", "content": "CVE-2025-23209: Code Injection in CraftCMS, 8.1 rating\u2757\ufe0f\n\nCraft CMS contains a code injection vulnerability that allows for remote code execution as vulnerable versions have compromised user security keys.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/brxoj\n\ud83d\udc49 Dork: http.headers.x_powered_by:\"Craft CMS\"\n\nVendor's advisory: https://github.com/craftcms/cms/security/advisories/GHSA-x684-96hh-833x", "creation_timestamp": "2026-07-10T00:00:33.115806Z"}