A weakness has been identified in Dromara Sa-Token up to 1.44.0. This affects the function ObjectInputStream.readObject of the file SaJdkSerializer.java. Executing manipulation can lead to deserialization. The attack may be launched remotely. This attack is characterized by high complexity. It is indicated that the exploitability is difficult. The vendor was contacted early about this disclosure but did not respond in any way.

CVE Database V5

Detailed information about CVE-2025-15117: Deserialization in Dromara Sa-Token affecting Dromara Sa-Token. Get real-time updates, technical details, and mitigat

CVE-2025-15117: Deserialization in Dromara Sa-Token - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-15117: Deserialization in Dromara Sa-Token

A security flaw has been discovered in OpenCart up to 4.1.0.3. Affected by this issue is some unknown functionality of the component Single-Use Coupon Handler. Performing manipulation results in race condition. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitation is known to be difficult. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Detailed information about CVE-2025-15116: Race Condition in OpenCart affecting null OpenCart. Get real-time updates, technical details, and mitigation strategi

CVE-2025-15116: Race Condition in OpenCart - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-15116: Race Condition in OpenCart

ThreatFox MISP Feed

AsyncRAT botnet C2 domain (confidence level: 100%)

Mirai botnet C2 server (confidence level: 80%)

Stealc botnet C2 server (confidence level: 100%)

Cobalt Strike botnet C2 server (confidence level: 100%)

Unknown malware botnet C2 server (confidence level: 100%)

AsyncRAT botnet C2 server (confidence level: 100%)

Quasar RAT botnet C2 server (confidence level: 100%)

Havoc botnet C2 server (confidence level: 100%)

Venom RAT botnet C2 server (confidence level: 100%)

Remcos botnet C2 server (confidence level: 100%)

DCRat botnet C2 server (confidence level: 100%)

NetSupportManager RAT botnet C2 server (confidence level: 100%)

Unknown malware botnet C2 domain (confidence level: 100%)

Chaos botnet C2 server (confidence level: 100%)

ClearFake payload delivery domain (confidence level: 100%)

ValleyRAT botnet C2 server (confidence level: 100%)

Unknown malware payload delivery URL (confidence level: 90%)

Quasar RAT botnet C2 domain (confidence level: 75%)

Detailed information about ThreatFox IOCs for 2025-12-27. Get real-time updates, technical details, and mitigation strategies.

ThreatFox IOCs for 2025-12-27 - Live Threat Intelligence - Threat Radar | OffSeq.com

ThreatFox IOCs for 2025-12-27

Petlibro: Your Pet Feeder Is Feeding Data To Anyone Who Asks

Source: https://bobdahacker.com/blog/petlibro

Reddit NetSec

Detailed information about Petlibro: Your Pet Feeder Is Feeding Data To Anyone Who Asks. Get real-time updates, technical details, and mitigation strategies.

Petlibro: Your Pet Feeder Is Feeding Data To Anyone Who Asks - Live Threat Intelligence - Threat Radar | OffSeq.com

Petlibro: Your Pet Feeder Is Feeding Data To Anyone Who Asks

Reddit Discussion: Petlibro: Your Pet Feeder Is Feeding Data To Anyone Who Asks

LangChain core vulnerability allows prompt injection and data exposure

Source: https://securityaffairs.com/186185/hacking/langchain-core-vulnerability-allows-prompt-injection-and-data-exposure.html

Reddit InfoSec News

Detailed information about LangChain core vulnerability allows prompt injection and data exposure. Get real-time updates, technical details, and mitigation stra

LangChain core vulnerability allows prompt injection and data exposure - Live Threat Intelligence - Threat Radar | OffSeq.com

LangChain core vulnerability allows prompt injection and data exposure

Reddit Discussion: LangChain core vulnerability allows prompt injection and data exposure

SANS ISC Handlers Diary

Detailed information about ISC Stormcast For Sunday, December 28th, 2025 https://isc.sans.edu/podcastdetail/9750, (Sun, Dec 28th). Get real-time updates, techni

ISC Stormcast For Sunday, December 28th, 2025 https://isc.sans.edu/podcastdetail/9750, (Sun, Dec 28th) - Live Threat Intelligence - Threat Radar | OffSeq.com

ISC Stormcast For Sunday, December 28th, 2025 https://isc.sans.edu/podcastdetail/9750, (Sun, Dec 28th)

ISC Stormcast For Sunday, December 28th, 2025 https://isc.sans.edu/podcastdetail/9750, (Sun, Dec 28th)

Technical Details

Community Reviews

Related Threats

CVE-2025-15116: Race Condition in OpenCart

LangChain core vulnerability allows prompt injection and data exposure

CVE-2025-14177: CWE-125 Out-of-bounds Read in PHP Group PHP

CVE-2025-14178: CWE-787 Out-of-bounds Write in PHP Group PHP

CVE-2025-15109: Unrestricted Upload in jackq XCMS

Actions

External Links

Need more coverage?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility