{"vulnerability": "CVE-2025-4874", "sightings": [{"uuid": "90bfb8aa-dec9-4c53-9264-cc4fe4bd2aa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48747", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqaqajq3vtp2", "content": "", "creation_timestamp": "2025-05-28T17:32:38.104871Z"}, {"uuid": "c66cdd9d-4fa2-4cdb-aed6-24080383854a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48746", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqaqadh5qmj2", "content": "", "creation_timestamp": "2025-05-28T17:32:38.683559Z"}, {"uuid": "620124f0-237f-410d-acc7-85d739425cba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48742", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq4xroxkduz2", "content": "", "creation_timestamp": "2025-05-27T05:35:47.877818Z"}, {"uuid": "bb8fc114-7f86-4d3d-95a8-5277d5be46cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48748", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqd5vdjgx3q2", "content": "", "creation_timestamp": "2025-05-29T16:42:37.256041Z"}, {"uuid": "56dcdc3d-159c-4d0a-9656-be3684196bd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48748", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqd72znph72s", "content": "", "creation_timestamp": "2025-05-29T17:02:08.784923Z"}, {"uuid": "64207369-a952-4a7a-86d4-22a90646e733", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4874", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lph3y4yjose2", "content": "", "creation_timestamp": "2025-05-18T12:53:14.559462Z"}, {"uuid": "0608917b-4670-42af-9c24-4c5aa1b82fe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4874", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lph4ve4s552h", "content": "", "creation_timestamp": "2025-05-18T13:08:39.331061Z"}, {"uuid": "4e4002e2-f012-453a-8750-aa122de7c45d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48740", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpulj6a6a322", "content": "", "creation_timestamp": "2025-05-23T21:34:51.844379Z"}, {"uuid": "479af621-0e93-4bbb-80c6-46ed13909dff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48741", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpuls4n2va2s", "content": "", "creation_timestamp": "2025-05-23T21:39:52.083273Z"}, {"uuid": "469a967f-6d6e-46ec-80a0-939e09f173db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48741", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17473", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48741\n\ud83d\udd25 CVSS Score: 6.8 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A Broken Access Control vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, and 5.4.0 before 5.4.10 allows remote, authenticated, and unprivileged users to retrieve alerts, cases, logs, observables, or tasks, regardless of the user's permissions, through a specific API endpoint.\n\ud83d\udccf Published: 2025-05-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-23T19:59:04.495Z\n\ud83d\udd17 References:\n1. https://github.com/StrangeBeeCorp/Security/blob/main/Security%20advisories/SB-SEC-ADV-2025-004.md", "creation_timestamp": "2025-05-23T20:49:39.000000Z"}, {"uuid": "0141597a-db6e-4ce7-bec5-b599c562cd3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48742", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17595", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48742\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The installer in SIGB PMB before 8.0.1.2 allows remote code execution.\n\ud83d\udccf Published: 2025-05-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-27T03:31:14.569Z\n\ud83d\udd17 References:\n1. https://www.sigb.net/index.php?lvl=cmspage&pageid=6&id_rubrique=553&opac_view=1\n2. https://forge.sigb.net/projects/pmb/wiki/Changelog_801#CHANGE-LOG-8012-2025-03-03", "creation_timestamp": "2025-05-27T03:47:51.000000Z"}, {"uuid": "e0bf16d9-cbee-4442-832c-eb5fe875c769", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48740", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17468", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48740\n\ud83d\udd25 CVSS Score: 5.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A Cross-Site Request Forgery (CSRF) vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows a remote attacker to trigger requests on their victim's behalf, if the attacker lures a privileged user, authenticated with basic authentication.\n\ud83d\udccf Published: 2025-05-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-23T20:02:36.668Z\n\ud83d\udd17 References:\n1. https://github.com/StrangeBeeCorp/Security/blob/main/Security%20advisories/SB-SEC-ADV-2025-001.md", "creation_timestamp": "2025-05-23T20:49:10.000000Z"}, {"uuid": "31b092c1-470a-4300-8f1c-423222ef2bb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48744", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17601", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48744\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: In SIGB PMB before 8.0.1.2, attackers can achieve Local File Inclusion and remote code execution.\n\ud83d\udccf Published: 2025-05-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-27T02:48:37.533Z\n\ud83d\udd17 References:\n1. https://www.sigb.net/index.php?lvl=cmspage&pageid=6&id_rubrique=553&opac_view=1\n2. https://forge.sigb.net/projects/pmb/wiki/Changelog_801#CHANGE-LOG-8012-2025-03-03", "creation_timestamp": "2025-05-27T03:47:59.000000Z"}, {"uuid": "eda43a1a-07e5-4027-8e2b-3cbc25e1fc19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48743", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17600", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-48743\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: SIGB PMB before 8.0.1.2 allows SQL injection.\n\ud83d\udccf Published: 2025-05-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-27T02:49:55.088Z\n\ud83d\udd17 References:\n1. https://www.sigb.net/index.php?lvl=cmspage&pageid=6&id_rubrique=553&opac_view=1\n2. https://forge.sigb.net/projects/pmb/wiki/Changelog_801#CHANGE-LOG-8012-2025-03-03", "creation_timestamp": "2025-05-27T03:47:58.000000Z"}, {"uuid": "c0e51d80-8892-4f43-a0c2-21b90390b810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48745", "type": "exploited", "source": "https://t.me/true_secator/7111", "content": "\u0425\u0430\u043a\u0435\u0440\u044b \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043b\u0438 \u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2025-49113 - \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u0432\u0435\u0431-\u043f\u043e\u0447\u0442\u044b Roundcube \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f.\n\nRoundcube - \u043e\u0434\u043d\u043e \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439, \u043f\u0440\u043e\u0434\u0443\u043a\u0442 \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u0432 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0445\u043e\u0441\u0442\u0438\u043d\u0433-\u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u043e\u0432, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a GoDaddy, Hostinger, Dreamhost \u0438\u043b\u0438 OVH.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 Roundcube \u0443\u0436\u0435 \u0431\u043e\u043b\u0435\u0435 \u0434\u0435\u0441\u044f\u0442\u0438\u043b\u0435\u0442\u0438\u044f \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Roundcube webmail 1.1.0 \u043f\u043e 1.6.10. \u041e\u043d\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 1 \u0438\u044e\u043d\u044f, \u043e \u0447\u0435\u043c \u0440\u0430\u043d\u0435\u0435 \u043c\u044b \u0443\u0436\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438.\n\nCVE-2025-49113 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 RCE \u043f\u043e\u0441\u043b\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 9,9 \u0438\u0437 10, \u0430 \u0442\u0435\u043f\u0435\u0440\u044c \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u00ab\u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0439 \u0430\u0440\u043c\u0430\u0433\u0435\u0434\u0434\u043e\u043d\u00bb, \u043e \u0447\u0435\u043c \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0432 FearsOff, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0432\u0448\u0438\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0434\u043e \u043e\u043a\u043e\u043d\u0447\u0430\u043d\u0438\u044f \u0441\u0440\u043e\u043a\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0438 \u043f\u0440\u043e\u0434\u0430\u0436\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0435\u0448\u0438\u043b\u0438 \u0432\u0441\u0435 \u0436\u0435 \u0432\u044b\u043a\u0430\u0442\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0432 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u0430\u0445 \u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0430 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u043f\u043e \u0418\u0411 , \u043d\u043e \u043f\u043e\u043a\u0430 \u0431\u0435\u0437 \u043f\u043e\u043b\u043d\u043e\u0439 PoC.\n\n\u0421\u0443\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 - \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u00a0$_GET['_from'], \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 PHP-\u043e\u0431\u044a\u0435\u043a\u0442\u0430. \u041a\u043e\u0433\u0434\u0430 \u0432\u043e\u0441\u043a\u043b\u0438\u0446\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0437\u043d\u0430\u043a \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u0443\u0435\u0442 \u0438\u043c\u044f \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u0441\u0435\u0430\u043d\u0441\u0430, \u0441\u0435\u0430\u043d\u0441 \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u043d\u044b\u043c \u0438 \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u0430.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u0432\u0441\u0435\u0433\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u043d\u0435\u0439, \u0447\u0442\u043e\u0431\u044b \u043e\u0442\u0440\u0435\u0432\u0435\u0440\u0441\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0443\u0436\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u0435. \u0414\u043b\u044f \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0439 \u043b\u043e\u0433\u0438\u043d.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0432\u043e\u0434\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u0432\u0445\u043e\u0434\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043d\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438: \u0441\u0435\u043b\u043b\u0435\u0440 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0438\u0437\u0432\u043b\u0435\u0447\u044c \u0435\u0433\u043e \u0438\u0437 \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432 \u0438\u043b\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u0431\u0440\u0443\u0442\u043e\u043c.\n\n\u0412 FearsOff \u0442\u0430\u043a\u0436\u0435 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u044e \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043c\u043e\u0436\u043d\u043e \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 (CSRF).\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0432\u0438\u0434\u0435\u043e \u0441 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u0435\u0439 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2025-48745, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043e\u0442\u043a\u043b\u043e\u043d\u0435\u043d \u043a\u0430\u043a \u0434\u0443\u0431\u043b\u0438\u043a\u0430\u0442 CVE-2025-49113.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0448\u0438\u0440\u043e\u043a\u0443\u044e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 FearsOff \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u043e\u0432\u0435\u0440\u0445\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043d\u0435 \u0442\u043e, \u0447\u0442\u043e\u0431\u044b \u0432\u0435\u043b\u0438\u043a\u0430 - \u043e\u043d\u0430 \u0438\u043c\u0435\u0435\u0442 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440. \u0414\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0432 \u0441\u0435\u0442\u0438 \u0448\u0430\u0440\u0438\u0442\u0441\u044f \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 1,2 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u0445\u043e\u0441\u0442\u043e\u0432 Roundcube.", "creation_timestamp": "2025-06-06T15:10:05.000000Z"}]}