{"vulnerability": "CVE-2025-4166", "sightings": [{"uuid": "bc704a57-6495-474f-9405-5f908fdbd864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41667", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ltgy2kgrcq2e", "content": "", "creation_timestamp": "2025-07-08T09:22:50.100757Z"}, {"uuid": "363aebd5-b2d1-42c8-8d06-a628a3797987", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41666", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114816362788303261", "content": "", "creation_timestamp": "2025-07-08T07:11:01.173417Z"}, {"uuid": "acb8becc-0908-4862-a822-751e10b158f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41667", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114816362788303261", "content": "", "creation_timestamp": "2025-07-08T07:11:01.291370Z"}, {"uuid": "9b9a3b8b-950f-4bf5-b659-5fd40bbaa6e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41668", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114816362788303261", "content": "", "creation_timestamp": "2025-07-08T07:11:01.404926Z"}, {"uuid": "eafef10d-d2c8-43a0-8fed-4966d2c73896", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41665", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114816362788303261", "content": "", "creation_timestamp": "2025-07-08T07:11:01.511197Z"}, {"uuid": "ce9c307d-80ea-4d74-937e-773f2c662dd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41661", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114663692500389345", "content": "", "creation_timestamp": "2025-06-11T08:04:57.429306Z"}, {"uuid": "ac559105-4cb1-45d8-97f1-81d64ba7f3a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41666", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgqovnswf72", "content": "", "creation_timestamp": "2025-07-08T07:11:10.668085Z"}, {"uuid": "0acfc2be-da19-439c-873d-72d3ecc32def", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41665", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgqovnswf72", "content": "", "creation_timestamp": "2025-07-08T07:11:10.991546Z"}, {"uuid": "0a8410bd-c8d3-4389-8685-4f5a5fe7fb9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41667", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgqovnswf72", "content": "", "creation_timestamp": "2025-07-08T07:11:10.782223Z"}, {"uuid": "fa2d96b1-6b0a-496a-b31b-9b87adc95f6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41668", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgqovnswf72", "content": "", "creation_timestamp": "2025-07-08T07:11:10.889023Z"}, {"uuid": "4a3d91ee-87e7-4bf9-807d-d69047fd4919", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41661", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lrcx4ijeuks2", "content": "", "creation_timestamp": "2025-06-11T08:05:02.840664Z"}, {"uuid": "7da9d837-c735-4b2b-af7e-260da0862e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41662", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lrcx4ijeuks2", "content": "", "creation_timestamp": "2025-06-11T08:05:02.950976Z"}, {"uuid": "95f824d6-b2a4-4f6f-8ce3-71734ed1c996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41663", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lrcx4ijeuks2", "content": "", "creation_timestamp": "2025-06-11T08:05:03.049637Z"}, {"uuid": "fca95235-2ef7-4b12-93e4-b9c555daed5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41668", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ltgylvpc2t2y", "content": "", "creation_timestamp": "2025-07-08T09:32:32.547520Z"}, {"uuid": "b64c8979-d9df-4a1c-a0d2-ca59cb0437e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41666", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ltgyrbrl562b", "content": "", "creation_timestamp": "2025-07-08T09:35:32.932145Z"}, {"uuid": "d412791b-841d-4c4a-b083-4ac8504ac7a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41665", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ltgz5xqebu2b", "content": "", "creation_timestamp": "2025-07-08T09:42:38.706272Z"}, {"uuid": "8ec58ff0-1858-4eb1-936e-8b257a062ff8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41662", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114663692500389345", "content": "", "creation_timestamp": "2025-06-11T08:04:57.517568Z"}, {"uuid": "0568c837-e447-48aa-8587-ee74f166f56e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41663", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/114663692500389345", "content": "", "creation_timestamp": "2025-06-11T08:04:57.604675Z"}, {"uuid": "92b79217-8917-4442-a35c-1ad49789c4d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41666", "type": "seen", "source": "MISP/853ff921-86fb-463b-bc2a-2860bf336b81", "content": "", "creation_timestamp": "2025-08-06T01:04:20.000000Z"}, {"uuid": "6ddab219-d5e5-47af-9b2e-26289e716ec1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4166", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lo77gzrlqga2", "content": "", "creation_timestamp": "2025-05-02T16:15:16.696629Z"}, {"uuid": "cc73069a-df52-4d5a-a9b9-958bde87a1d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4166", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo7frger7n2n", "content": "", "creation_timestamp": "2025-05-02T18:01:03.862538Z"}, {"uuid": "9c668c15-d3fb-432c-b0b8-5d7cf8eb2488", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41662", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrdb3lmcrv2a", "content": "", "creation_timestamp": "2025-06-11T11:03:26.339989Z"}, {"uuid": "b58bb47c-2d1d-4e7f-a5ca-2d1c679b5bf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41663", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrdbm7pmf62k", "content": "", "creation_timestamp": "2025-06-11T11:12:44.189231Z"}, {"uuid": "1029f707-4824-4ca6-b993-f01ad31acfc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41661", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrdcq222ww2s", "content": "", "creation_timestamp": "2025-06-11T11:32:46.338390Z"}, {"uuid": "d129a0b3-bc23-44a6-baf6-63a6ad7b2752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41667", "type": "seen", "source": "MISP/853ff921-86fb-463b-bc2a-2860bf336b81", "content": "", "creation_timestamp": "2025-08-06T01:04:20.000000Z"}, {"uuid": "aff39f4f-62b1-4abd-83ac-79630db29f44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41660", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhsequbasc25", "content": "", "creation_timestamp": "2026-03-24T10:33:13.239986Z"}, {"uuid": "222d2b7c-918e-4809-b419-9899c1c72d42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41664", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lycn6hzh62i2", "content": "", "creation_timestamp": "2025-09-08T07:04:41.007278Z"}, {"uuid": "59fd4df8-02da-4598-b7aa-82372fe99edc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-41664", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3lycoqsvfwc2s", "content": "", "creation_timestamp": "2025-09-08T07:31:40.435483Z"}, {"uuid": "f3e2f121-feaf-4deb-a28c-76ceb1558a14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41666", "type": "seen", "source": "MISP/853ff921-86fb-463b-bc2a-2860bf336b81", "content": "", "creation_timestamp": "2025-08-21T10:03:55.000000Z"}, {"uuid": "233c6da0-7ce4-40a4-9360-8c5f084ccad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41667", "type": "seen", "source": "MISP/853ff921-86fb-463b-bc2a-2860bf336b81", "content": "", "creation_timestamp": "2025-08-21T10:03:55.000000Z"}, {"uuid": "7fda9a26-3495-4027-a610-11b37c63d7e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41660", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116283045909330832", "content": "", "creation_timestamp": "2026-03-24T07:47:49.608352Z"}, {"uuid": "a757c2e5-39a7-4170-a627-e1bd74bac4b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-41660", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2025-41660", "content": "", "creation_timestamp": "2026-03-24T07:16:00.000000Z"}, {"uuid": "5a8a02b4-4677-4293-aa37-3926f882fd8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4166", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14497", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4166\n\ud83d\udd25 CVSS Score: 4.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Vault Community and Vault Enterprise Key/Value (kv) Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloads during secret creation or update operations via the Vault REST API. This vulnerability, identified as CVE-2025-4166, is fixed in Vault Community 1.19.3 and Vault Enterprise 1.19.3, 1.18.9, 1.17.16, 1.16.20.\n\ud83d\udccf Published: 2025-05-02T14:57:58.710Z\n\ud83d\udccf Modified: 2025-05-02T14:57:58.710Z\n\ud83d\udd17 References:\n1. https://discuss.hashicorp.com/t/hcsec-2025-09-vault-may-expose-sensitive-information-in-error-logs-when-processing-malformed-data-with-the-kv-v2-plugin", "creation_timestamp": "2025-05-02T15:17:00.000000Z"}, {"uuid": "72c9906c-1af0-4305-8fe8-43565235c2bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41661", "type": "seen", "source": "Telegram/R10UXZSi1fRv32CnNZ1k2M8nZvZVrIYKWQMEFWF4lOTwYjs", "content": "", "creation_timestamp": "2025-06-12T01:18:06.000000Z"}, {"uuid": "a58eaf20-61f6-478e-a29e-6489cfc52961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41660", "type": "seen", "source": "https://t.me/bdufstecru/3039", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 CODESYS \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0435\u043c\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434\n\nBDU:2026-04079\nCVE-2025-41660\n\n\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e;\n- \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0443\u0442\u0435\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u00abYES\u00bb \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 SECURITY.EnforceSignedCode;\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u0445\u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043f\u043e \u00ab\u0431\u0435\u043b\u044b\u043c \u0441\u043f\u0438\u0441\u043a\u0430\u043c\u00bb;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 SIEM-\u0441\u0438\u0441\u0442\u0435\u043c \u0434\u043b\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438;\n- \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435/\u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439;\n- \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439;\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0437 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u0441\u0435\u0442\u0435\u0439 (\u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442).\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://certvde.com/de/advisories/VDE-2026-011", "creation_timestamp": "2026-03-27T13:02:44.000000Z"}, {"uuid": "6357fc0e-1d5a-4af0-9796-2c2e85ff5cd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41663", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18058", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-41663\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: An unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands in responses returned by WWH servers and gain arbitrary command execution with elevated privileges.\n\ud83d\udccf Published: 2025-06-11T08:15:55.357Z\n\ud83d\udccf Modified: 2025-06-11T08:15:55.357Z\n\ud83d\udd17 References:\n1. https://certvde.com/en/advisories/VDE-2025-052", "creation_timestamp": "2025-06-11T08:32:29.000000Z"}, {"uuid": "812024f2-02d3-4cf0-8efc-ccb7d624e8b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41662", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18060", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-41662\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of Cross-Site Request Forgery (CSRF) protection in the Main Web Interface (endpoint tls_iotgen_setting).\n\ud83d\udccf Published: 2025-06-11T08:08:17.544Z\n\ud83d\udccf Modified: 2025-06-11T08:11:30.422Z\n\ud83d\udd17 References:\n1. https://certvde.com/en/advisories/VDE-2025-052", "creation_timestamp": "2025-06-11T08:32:31.000000Z"}, {"uuid": "b03cf8b4-f8f8-4f59-bcc7-aa107e8fd3b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41661", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18059", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-41661\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to lack of Cross-Site Request Forgery (CSRF) protection in the Main Web Interface (endpoint event_mail_test).\n\ud83d\udccf Published: 2025-06-11T08:13:27.237Z\n\ud83d\udccf Modified: 2025-06-11T08:13:27.237Z\n\ud83d\udd17 References:\n1. https://certvde.com/en/advisories/VDE-2025-052", "creation_timestamp": "2025-06-11T08:32:30.000000Z"}, {"uuid": "a5261abc-f26f-433b-a64d-b84383cb2100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41669", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116645334969189092", "content": "#OT #Advisory VDE-2026-050Phoenix Contact: PLCnext Firmware Security Issues Related to APPs and Configuration Files\nThis advisory addresses security issues in PLCnext firmware versions prior to 2026.0.3 that are related to APP handling and the processing of configuration files. The identified vulnerabilities affect APP installation authenticity as well as the handling of configuration data in writable directories. Successful exploitation may allow authenticated attackers with different privilege levels to compromise integrity, availability, and system security of affected PLCnext Control. Both issues are resolved starting with PLCnext firmware version 2026.0.3.#CVE CVE-2025-41669, CVE-2025-41670\nhttps://certvde.com/en/advisories/vde-2026-050/\n#CSAF https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-050.json", "creation_timestamp": "2026-05-27T07:22:42.065598Z"}, {"uuid": "840ebfe3-34e6-43b1-81f5-d1cbae4c0790", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4166", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19495", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52893\n\ud83d\udd25 CVSS Score: 4.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 may leak sensitive information in logs when processing malformed data. This is separate from the earlier HCSEC-2025-09 / CVE-2025-4166. This issue has been fixed in OpenBao v2.3.0 and later. Like with HCSEC-2025-09, there is no known workaround except to ensure properly formatted requests from all clients.\n\ud83d\udccf Published: 2025-06-25T16:54:50.262Z\n\ud83d\udccf Modified: 2025-06-25T16:54:50.262Z\n\ud83d\udd17 References:\n1. https://github.com/openbao/openbao/security/advisories/GHSA-8f5r-8cmq-7fmq\n2. https://github.com/go-viper/mapstructure/pull/105\n3. https://github.com/go-viper/mapstructure/commit/ed3f92181528ff776a0324107b8b55026e93766a\n4. https://github.com/openbao/openbao/commit/cf5e920badbf96b41253534a3fd5ff5063bf4b30\n5. https://discuss.hashicorp.com/t/hcsec-2025-09-vault-may-expose-sensitive-information-in-error-logs-when-processing-malformed-data-with-the-kv-v2-plugin/74717\n6. https://github.com/go-viper/mapstructure/releases/tag/v2.3.0", "creation_timestamp": "2025-06-25T18:06:26.000000Z"}]}