{"vulnerability": "CVE-2025-4861", "sightings": [{"uuid": "23dc42f3-93d7-46e4-986a-8458fd79f94d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4861", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpggcijwuqb2", "content": "", "creation_timestamp": "2025-05-18T06:24:29.008028Z"}, {"uuid": "a06d4fd8-d436-4336-8b8c-d2c072d8a2a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4861", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpgpqrpjo22h", "content": "", "creation_timestamp": "2025-05-18T09:13:28.844320Z"}, {"uuid": "18161925-c78e-4658-885c-bc78b4c133f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48613", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mg66hh7b7h2d", "content": "", "creation_timestamp": "2026-03-03T16:22:09.542573Z"}, {"uuid": "da0a352d-00d7-4069-b964-312b426922d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48619", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mg66zv7bdx2s", "content": "", "creation_timestamp": "2026-03-03T16:32:28.111055Z"}, {"uuid": "e655b24b-c1d0-480d-ac0f-09246b3015c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48611", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116207435885278449", "content": "", "creation_timestamp": "2026-03-10T23:19:18.433260Z"}, {"uuid": "3e49ef30-e300-4397-bdbd-efa09e4671a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-48611", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mhaidgdbzo27", "content": "", "creation_timestamp": "2026-03-17T07:49:22.263940Z"}, {"uuid": "6cd01ca0-c433-4f48-b57a-781910c14ef4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-48615", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/samsung-products-multiple-vulnerabilities_20260511", "content": "", "creation_timestamp": "2026-05-10T20:00:00.000000Z"}, {"uuid": "ccc86d32-89b1-40e7-8da4-0c1877619e1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48611", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mibzt645fi2k", "content": "", "creation_timestamp": "2026-03-30T16:00:15.478474Z"}, {"uuid": "4f544ff5-889e-4493-92b2-1cc04059b95a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4861", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16858", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4861\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as critical was found in PHPGurukul Beauty Parlour Management System 1.1. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.\n\ud83d\udccf Published: 2025-05-18T05:31:05.603Z\n\ud83d\udccf Modified: 2025-05-19T14:24:09.702Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.309403\n2. https://vuldb.com/?ctiid.309403\n3. https://vuldb.com/?submit.575230\n4. https://github.com/Schatten-42/MyCVE/issues/1\n5. https://phpgurukul.com/", "creation_timestamp": "2025-05-19T14:38:47.000000Z"}, {"uuid": "647b12b0-3031-468d-9a13-a4188e905e5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-48616", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/android-multiple-vulnerabilities_20260602", "content": "", "creation_timestamp": "2026-06-01T18:00:00.000000Z"}, {"uuid": "d361ca4b-d3a5-494a-9c91-339d9bf8ea0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-48612", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/android-multiple-vulnerabilities_20260602", "content": "", "creation_timestamp": "2026-06-01T18:00:00.000000Z"}, {"uuid": "8f58eb21-3476-464b-a2b9-96c1e425a29f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48615", "type": "seen", "source": "https://notnow.dev/objects/825821a4-404d-4687-b0b4-c981516d58a5", "content": "According to GrapheneOS, the SQLite issue marked as exploited in the wild in the June Android Security Bulletin was originally patched in SQLite 3.44.5 from July 2025:https://grapheneos.social/@GrapheneOS/116681501156712831https://github.com/sqlite/sqlite/commit/710858bca3e6f0cc1d5d74101a1b444b3c7214ffHowever, searching for this commit shows that patch is for CVE-2025-6965.I guess CVE-2025-48615 is a duplicate/variant?You may remember CVE-2025-6965 as the bug that Project Zero's \"Big Sleep\" AI discovered, after Project Zero received reports of a bug \"known only to threat actors and was at risk of being exploited\", (https://blog.google/innovation-and-ai/technology/safety-security/cybersecurity-updates-summer-2025/)I guess that explains why it's marked as exploited in the wild in the bulletin.", "creation_timestamp": "2026-06-04T04:54:51.892785Z"}, {"uuid": "d79b4b90-dd6e-4f7a-aec9-34d1d43f560d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-48615", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/android-multiple-vulnerabilities_20260602", "content": "", "creation_timestamp": "2026-06-01T18:00:00.000000Z"}, {"uuid": "3b186387-6807-40d0-b37b-f4c07a39acd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-48612", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/samsung-products-multiple-vulnerabilities_20260603", "content": "", "creation_timestamp": "2026-06-02T20:00:00.000000Z"}]}