{"vulnerability": "CVE-2025-25362", "sightings": [{"uuid": "3bfb6884-f291-4ee9-a400-0f961411e27d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25362", "type": "seen", "source": "MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3", "content": "", "creation_timestamp": "2025-08-19T02:47:45.000000Z"}, {"uuid": "8978561e-840f-4736-87bc-79c08d11e435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25362", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114116743799665732", "content": "", "creation_timestamp": "2025-03-06T17:48:43.512968Z"}, {"uuid": "1b076b3a-7bd9-4e71-9f2d-98f0cbbe05bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25362", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3ljqpb3xgca24", "content": "", "creation_timestamp": "2025-03-07T00:00:07.906545Z"}, {"uuid": "38f33a9d-cb5b-498d-9e43-dff14831c413", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25362", "type": "seen", "source": "MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3", "content": "", "creation_timestamp": "2025-08-18T13:31:23.000000Z"}, {"uuid": "946fff54-47f4-4ec8-a1ec-ee53877276ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25362", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljo5nlello2h", "content": "", "creation_timestamp": "2025-03-05T23:39:40.671681Z"}, {"uuid": "17f99728-4f9d-4410-b06f-4593cffc7992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25362", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11003", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25362\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A Server-Side Template Injection (SSTI) vulnerability in Spacy-LLM v0.7.2 allows attackers to execute arbitrary code via injecting a crafted payload into the template field.\n\ud83d\udccf Published: 2025-03-05T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-08T20:35:57.417Z\n\ud83d\udd17 References:\n1. https://github.com/explosion/spacy-llm/issues/492\n2. https://www.hacktivesecurity.com/blog/2025/04/01/cve-2025-25362-old-vulnerabilities-new-victims-breaking-llm-prompts-with-ssti/", "creation_timestamp": "2025-04-08T20:46:47.000000Z"}, {"uuid": "6bc33036-749f-4e7e-83dc-ba71086ae269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25362", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6613", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25362\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A Server-Side Template Injection (SSTI) vulnerability in Spacy-LLM v0.7.2 allows attackers to execute arbitrary code via injecting a crafted payload into the template field.\n\ud83d\udccf Published: 2025-03-05T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-05T20:12:58.165Z\n\ud83d\udd17 References:\n1. https://github.com/explosion/spacy-llm/issues/492", "creation_timestamp": "2025-03-05T20:36:50.000000Z"}, {"uuid": "d23bfbe5-8de1-4f93-8e7f-e20e8ddccc92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25362", "type": "seen", "source": "https://t.me/cvedetector/19666", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25362 - Spacy-LLM SSTI Code Execution\", \n  \"Content\": \"CVE ID : CVE-2025-25362 \nPublished : March 5, 2025, 9:15 p.m. | 2\u00a0hours, 22\u00a0minutes ago \nDescription : A Server-Side Template Injection (SSTI) vulnerability in Spacy-LLM v0.7.2 allows attackers to execute arbitrary code via injecting a crafted payload into the template field. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-06T01:18:24.000000Z"}]}