{"vulnerability": "CVE-2025-2597", "sightings": [{"uuid": "ce6c86c7-ec1e-4c11-b162-6e7632310272", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25977", "type": "seen", "source": "https://t.me/cvedetector/19965", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25977 - Canvg StyleElement Constructor Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25977 \nPublished : March 10, 2025, 4:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : An issue in canvg v.4.0.2 allows an attacker to execute arbitrary code via the Constructor of the class StyleElement. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-10T19:02:30.000000Z"}, {"uuid": "2cbd7f45-556d-4d58-b034-ec6a8e399b11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2597", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkvcp5g5wh26", "content": "", "creation_timestamp": "2025-03-21T13:23:53.751550Z"}, {"uuid": "b5ca162a-66be-4aa9-804e-53bc0e75c35e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25977", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lk2cvzo7f726", "content": "", "creation_timestamp": "2025-03-10T19:45:48.764178Z"}, {"uuid": "fb3ffc06-4494-4d4c-973e-53b3405b29be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25975", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:34.000000Z"}, {"uuid": "4e255ce7-79c6-478a-8bd9-b3a4a6b2c5aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-25973", "type": "seen", "source": "https://gist.github.com/coleak2021/512acaa12ba0987499d560967acff1d1", "content": "", "creation_timestamp": "2025-02-19T02:51:41.000000Z"}, {"uuid": "701688fa-cb13-4f0a-8988-c4d46bcd980e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25975", "type": "seen", "source": "https://t.me/cvedetector/20167", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25975 - Git Parse Config Sensitive Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-25975 \nPublished : March 12, 2025, 7:15 p.m. | 1\u00a0hour, 49\u00a0minutes ago \nDescription : An issue in parse-git-config v.3.0.0 allows an attacker to obtain sensitive information via the expandKeys function \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-12T22:53:43.000000Z"}, {"uuid": "b165fb33-b5db-445a-9491-a09fa21357d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25973", "type": "seen", "source": "https://t.me/cvedetector/18586", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25973 - Ppress Stored Cross Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-25973 \nPublished : Feb. 20, 2025, 6:15 p.m. | 1\u00a0hour, 21\u00a0minutes ago \nDescription : A stored Cross Site Scripting vulnerability in the \"related recommendations\" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and article.tags parameters. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T20:41:18.000000Z"}, {"uuid": "a2402ebf-bad7-4cc6-a5b3-b6c9125f4a6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25977", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7013", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25977\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in canvg v.4.0.2 allows an attacker to execute arbitrary code via the Constructor of the class StyleElement.\n\ud83d\udccf Published: 2025-03-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-10T15:56:25.222Z\n\ud83d\udd17 References:\n1. https://github.com/canvg/canvg/issues/1749", "creation_timestamp": "2025-03-10T16:38:05.000000Z"}, {"uuid": "21fa2b29-ef9c-41dd-8753-cb5d489e151b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25975", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7366", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25975\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in parse-git-config v.3.0.0 allows an attacker to obtain sensitive information via the expandKeys function\n\ud83d\udccf Published: 2025-03-12T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-12T18:44:44.554Z\n\ud83d\udd17 References:\n1. https://github.com/jonschlinkert/parse-git-config/issues/14", "creation_timestamp": "2025-03-12T19:41:14.000000Z"}, {"uuid": "96c29e31-cbb9-4dcb-9ad0-a514fe2e2d10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2597", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8331", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2597\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N)\n\ud83d\udd39 Description: Reflected Cross-Site Scripting (XSS) in ITIUM 6050 version 5.5.5.2-b3526 from Impact Technologies. This vulnerability could allow an attacker to execute malicious Javascript code via GET and POST requests to the \u2018/index.php\u2019 endpoint and injecting code into the \u2018id_session.\n\ud83d\udccf Published: 2025-03-21T11:50:02.392Z\n\ud83d\udccf Modified: 2025-03-21T11:50:02.392Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/reflected-cross-site-scripting-xss-vulnerability-itium-6050", "creation_timestamp": "2025-03-21T12:22:07.000000Z"}, {"uuid": "2b8c0718-0d19-46fa-95a6-91daf2327cb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2597", "type": "seen", "source": "https://t.me/cvedetector/20806", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2597 - ITIUM 6050 Reflected Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-2597 \nPublished : March 21, 2025, 12:15 p.m. | 27\u00a0minutes ago \nDescription : Reflected Cross-Site Scripting (XSS) in ITIUM 6050 version 5.5.5.2-b3526 from Impact Technologies. This vulnerability could allow an attacker to execute malicious Javascript code via GET and POST requests to the \u2018/index.php\u2019 endpoint and injecting code into the \u2018id_session. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-21T14:18:22.000000Z"}]}