{"uuid": "ee9281f7-b362-4938-8c32-c865df6b08e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23209", "type": "seen", "source": "https://t.me/brutsecurity/1553", "content": "CVE-2025-23209: Code Injection in CraftCMS, 8.1 rating\u2757\ufe0f\n\nCraft CMS contains a code injection vulnerability that allows for remote code execution as vulnerable versions have compromised user security keys.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/brxoj\n\ud83d\udc49 Dork: http.headers.x_powered_by:\"Craft CMS\"\n\nVendor's advisory: https://github.com/craftcms/cms/security/advisories/GHSA-x684-96hh-833x", "creation_timestamp": "2026-07-09T03:00:09.482435Z"}