runZeroInc · r0bzer0 · May 6, 2026 · May 4, 2026 · May 4, 2026 · May 5, 2026
diff --git a/code/cves/2016/CVE-2016-8735.yaml b/code/cves/2016/CVE-2016-8735.yaml
@@ -17,8 +17,8 @@ info:
     cvss-score: 9.8
     cve-id: CVE-2016-8735
     cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
-    epss-score: 0.93787
-    epss-percentile: 0.99858
+    epss-score: 0.93871
+    epss-percentile: 0.99872
   metadata:
     product: tomcat
     shodan-query: product:"tomcat"
@@ -35,6 +35,7 @@ code:
     matchers:
       - condition: and
         dsl:
+          # Check "Credentials should be String[] instead of java.util.HashMapur" in last response
           - contains(response,"43726564656e7469616c732073686f756c6420626520537472696e675b5d20696e7374656164206f66206a6176612e7574696c2e486173684d61707572")
           - contains(interactsh_protocol, "dns")
         type: dsl
@@ -78,3 +79,4 @@ code:
 
       s2.close()
       print(response.hex())
+# digest: 490a0046304402206b8e3dd583224b74ea527410d3774e68b25a61d5a3672732950a6dc9c694a07702201888286b4b3c9c9faf510525d47b2b122a4b046f03226fd4c1b1fa3c7e4cfea8:41987585204b393149694b2205534b1a
diff --git a/code/cves/2019/CVE-2019-14287.yaml b/code/cves/2019/CVE-2019-14287.yaml
@@ -22,7 +22,7 @@ info:
     cwe-id: CWE-755
     cpe: cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
     epss-score: 0.85814
-    epss-percentile: 0.99386
+    epss-percentile: 0.99387
   metadata:
     max-request: 2
     product: sudo
@@ -40,6 +40,8 @@ code:
       - bash
     matchers:
       - condition: and
+        # digest: 4a0a0047304502202d770411a7d12d9ebce0604a3507337751792a6ab47987f1ca7b9b475d30fae70221009e3b4c1fad9e71494b17fcaba359207027f4b1981d4142808156dfaf90a2a6b6:922c64590222798bb761d5b6d8e72950
+
         dsl:
           - '!contains(code_1_response, "root")'
           - contains(code_2_response, "root")

diff --git a/code/cves/2021/CVE-2021-3156.yaml b/code/cves/2021/CVE-2021-3156.yaml
@@ -21,8 +21,8 @@ info:
     cve-id: CVE-2021-3156
     cwe-id: CWE-193
     cpe: cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
-    epss-score: 0.92456
-    epss-percentile: 0.99735
+    epss-score: 0.92533
+    epss-percentile: 0.99743
   metadata:
     product: sudo
     vendor: sudo_project
@@ -34,7 +34,7 @@ code:
       - bash
     matchers:
       - condition: and
-        # digest: 4b0a004830460221009f86d603f639e6936d58480ae17efb5df2b2b7f92ea368d8e365e5c14d6bc26d02210096b5fedfe9c124e46c53eff319a154ece1902e8ec37d2fd5134031e0add41aec:922c64590222798bb761d5b6d8e72950
+        # digest: 4a0a00473045022048198d3b497fc9427ce3d807edf5c107699cb0b44defbff51d90b480f8ae4ca7022100ede0fe0f0d70a21496cc17e5c91a32dbe75b2ae4ee98c0e5a0deb2814058ce8c:922c64590222798bb761d5b6d8e72950
 
         type: word
         words:

diff --git a/code/cves/2022/CVE-2022-42475.yaml b/code/cves/2022/CVE-2022-42475.yaml
@@ -25,7 +25,7 @@ info:
     cwe-id: CWE-197,CWE-787
     cpe: cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
     epss-score: 0.93984
-    epss-percentile: 0.99891
+    epss-percentile: 0.99892
   metadata:
     fofa-query:
       - body="/remote/login" "xxxxxxxx"
@@ -62,6 +62,7 @@ code:
         words:
           - Target appears to be VULNERABLE
           # digest: 4b0a004830460221008459e44102efd4675cfdaf51bed89a176eb12d304c98137c70db00e6b8b5ca56022100d51b25ae5a7e86359796fa8e42ac1eeb9f3ecad5773df44b67df48d2725ff84c:922c64590222798bb761d5b6d8e72950
+        # digest: 490a0046304402204eebcd96db966b34291ca0d1df0db90de20c60475b05e46c9e012c1ff9a2e0c1022067c7f1b9bb9066b652e8514d0928fe062d6fd4765ab54c0bd88608495dba2f63:922c64590222798bb761d5b6d8e72950
     source: |
       import sys, os, time, socket, ssl
 

diff --git a/code/cves/2023/CVE-2023-2640.yaml b/code/cves/2023/CVE-2023-2640.yaml
@@ -22,7 +22,7 @@ info:
     cwe-id: CWE-863
     cpe: cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:*:*:*:*
     epss-score: 0.91394
-    epss-percentile: 0.99666
+    epss-percentile: 0.99668
   metadata:
     max-request: 2
     product: ubuntu_linux
@@ -41,7 +41,7 @@ code:
       - bash
     matchers:
       - condition: and
-        # digest: 4b0a00483046022100f043eca0208ca97b323887dd3bb21d21598cf3c097b56dc7ed7975ccb7041d92022100bcbef69420d88971731b9df3aa335a79c7b2972eea302c689ef0fcdedd8e699d:922c64590222798bb761d5b6d8e72950
+        # digest: 4a0a004730450220529b102c305df61e6fa1efa8578f09625953bb9dd126f4c488fe48578f9ffd39022100a751bc59c626cbaf324dce4a1259f1b16a2e027f2e3e4108d8aee642a3b58e0b:922c64590222798bb761d5b6d8e72950
 
         dsl:
           - '!contains(code_1_response, "(root)")'

diff --git a/code/cves/2023/CVE-2023-2986.yaml b/code/cves/2023/CVE-2023-2986.yaml
@@ -21,7 +21,7 @@ info:
     cve-id: CVE-2023-2986
     cpe: cpe:2.3:a:tychesoftwares:abandoned_cart_lite_for_woocommerce:*:*:*:*:*:wordpress:*:*
     epss-score: 0.91419
-    epss-percentile: 0.99669
+    epss-percentile: 0.9967
   metadata:
     fofa-query: body="/wp-content/plugins/woocommerce-abandoned-cart/"
     framework: wordpress
@@ -49,7 +49,7 @@ http:
           - Link expired
       - status:
           - 302
-          # digest: 4a0a00473045022100c24f7baef9dd963b6ae61a12c1dfb12f052521691a5257c07a402ce1558d342602202b4e455f0bbc6f11e56e958b0077fa6aa8a7b81d56c3cfca147ed240cae35c28:922c64590222798bb761d5b6d8e72950
+          # digest: 4a0a0047304502207f7e30216c7119f051c457db0bc7e9612d451467b3622c59b0654c231d8a6086022100fede47f3687cfa3e6e4076fe18bb01daded5369ee7c972727282967e36ad9a33:922c64590222798bb761d5b6d8e72950
         type: status
     matchers-condition: and
     method: GET

diff --git a/code/cves/2023/CVE-2023-49105.yaml b/code/cves/2023/CVE-2023-49105.yaml
@@ -22,7 +22,7 @@ info:
     cwe-id: CWE-287
     cpe: cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*
     epss-score: 0.89605
-    epss-percentile: 0.99562
+    epss-percentile: 0.99565
   metadata:
     fofa-query: title="owncloud"
     google-query: intitle:"owncloud"
@@ -39,7 +39,7 @@ http:
   - extractors:
       - dsl:
           - '"Username => "+ username'
-          # digest: 4a0a00473045022100a40b96d7a7be4391202292d60c76ec87b906768721cc2c3d75bc42a3f63f5af602200c2c325b69cfc5107baf358bd8a9cce231e27a672ce55cfbadad3e817ed04c11:922c64590222798bb761d5b6d8e72950
+          # digest: 4b0a00483046022100cac7eb146d7077ae54bc2df33caea985419212ab4f35441c837a32a2765603ee022100bb700729c6f10a7dc34ccc1e03e2c738335e3b7bef1a80184e380d8a0641564c:922c64590222798bb761d5b6d8e72950
         type: dsl
     matchers:
       - condition: and

diff --git a/code/cves/2023/CVE-2023-4911.yaml b/code/cves/2023/CVE-2023-4911.yaml
@@ -21,8 +21,8 @@ info:
     cve-id: CVE-2023-4911
     cwe-id: CWE-122,CWE-787
     cpe: cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*
-    epss-score: 0.67392
-    epss-percentile: 0.98575
+    epss-score: 0.71068
+    epss-percentile: 0.98721
   metadata:
     max-request: 1
     product: glibc
@@ -36,7 +36,7 @@ code:
       - type: word
         words:
           - "139" # Segmentation Fault Exit Code
-          # digest: 4b0a00483046022100fffa6770af51257945556983f9664ae55938d57c1bb7687d4d6525d48ad724bd022100f56b15316db32b7d37faaa46ca47f873504683660fbda6f9f803902930736e50:922c64590222798bb761d5b6d8e72950
+          # digest: 4b0a00483046022100f8013e073e20e11445083781c856e327618105f1d893a6bc9796d651e422d6350221009728ce0c19a32f8b876e4b9a445a7204f4c0a3775a83fba8db258e71b419fa62:922c64590222798bb761d5b6d8e72950
     source: |
       env -i "GLIBC_TUNABLES=glibc.malloc.mxfast=glibc.malloc.mxfast=A" "Z=`printf '%08192x' 1`" /usr/bin/su --help
       echo $?

diff --git a/code/cves/2023/CVE-2023-6246.yaml b/code/cves/2023/CVE-2023-6246.yaml
@@ -22,7 +22,7 @@ info:
     cwe-id: CWE-122,CWE-787
     cpe: cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*
     epss-score: 0.25481
-    epss-percentile: 0.96238
+    epss-percentile: 0.96245
   metadata:
     max-request: 1
     product: glibc
@@ -36,7 +36,7 @@ code:
       - type: word
         words:
           - "127" # Segmentation Fault Exit Code
-          # digest: 4a0a0047304502201bb6eef5a5c5ab2e1a9edc168a222d9a3032e522c8b97a0472344734d6bd656c022100d366e76072038d66c586058fa40175666272530010fc3cfe03c92b6441bb3d4f:922c64590222798bb761d5b6d8e72950
+          # digest: 4a0a004730450221009dd948053d3760bf58a731afb108c0f87af4c00845206daed738fd92a7e89f55022029a85f0d4d48c5329ebcc4b8900ef90f6a3eed744c05c272c4859ff9d4fe4d99:922c64590222798bb761d5b6d8e72950
     source: |
       (exec -a "`printf '%0128000x' 1`" /usr/bin/su < /dev/null)
       echo $?

diff --git a/code/cves/2024/CVE-2024-10443.yaml b/code/cves/2024/CVE-2024-10443.yaml
@@ -18,7 +18,7 @@ info:
     cwe-id: CWE-77
     cpe: cpe:2.3:a:synology:photos:*:*:*:*:*:diskstation_manager:*:*
     epss-score: 0.75643
-    epss-percentile: 0.98911
+    epss-percentile: 0.98916
   metadata:
     framework: diskstation_manager
     max-request: 1
@@ -39,6 +39,7 @@ code:
         words:
           - dns
           # digest: 490a004630440220728d773dd11a93b4b1490e2cd79396bc2b8a74986128e1e5b4f8c3c0280d57c902202693b8358f51a373ab498168ed3315f3e7f57a0634aec37ed8b2d931a2b1cbf4:922c64590222798bb761d5b6d8e72950
+        # digest: 4a0a0047304502203ca66bb1cffc621210799f48b15483144ba54c5439cca6c75e415aab3fad919f022100a49919005201b133583fd2a4f58235e7d3dc940fe3686b056a83a98fb2e9471e:922c64590222798bb761d5b6d8e72950
     source: |
       import websocket,os,json # pip install websocket-client
       url = "ws://"+os.getenv('Hostname')+"/FotoSocketIo/socket.io/?transport=websocket&EIO=4"

diff --git a/code/cves/2024/CVE-2024-12356.yaml b/code/cves/2024/CVE-2024-12356.yaml
@@ -18,7 +18,7 @@ info:
     cwe-id: CWE-77
     cpe: cpe:2.3:a:beyondtrust:privileged_remote_access:*:*:*:*:*:*:*:*
     epss-score: 0.93857
-    epss-percentile: 0.99869
+    epss-percentile: 0.9987
   metadata:
     product: privileged_remote_access
     vendor: beyondtrust
@@ -35,6 +35,7 @@ code:
           - 0 success
           - 1 try again later
           # digest: 490a004630440220192a8a4a41f24efe5bd95387489d2911272dd6d6f806f473742338a571c3c1760220280fc390fe43a131326cdde0f52a7c08584c9e37151aee15c3a95b243f682bae:922c64590222798bb761d5b6d8e72950
+        # digest: 490a00463044022055acc21c905a3943a4a9ef262f2a63f3757d14609235376cf3e1480a1d6431fb022022cfb2755c3ce4623c002abec37001083b1f6099aaeb8a9456f3272047e74887:922c64590222798bb761d5b6d8e72950
     source: |
       # brew install websocat
       company=`curl -k -s "$Scheme://$Host/get_portal_info" | cut -d '=' -f2 | tail -n 1 | cut -d';' -f1`

diff --git a/code/cves/2024/CVE-2024-22120.yaml b/code/cves/2024/CVE-2024-22120.yaml
@@ -20,8 +20,8 @@ info:
     cvss-score: 9.1
     cve-id: CVE-2024-22120
     cwe-id: CWE-20
-    epss-score: 0.92259
-    epss-percentile: 0.99722
+    epss-score: 0.92119
+    epss-percentile: 0.99716
   metadata:
     fofa-query:
       - icon_hash=892542951
@@ -50,6 +50,7 @@ code:
         words:
           - Vulnerable to CVE-2024-22120
           # digest: 490a0046304402207da121f5e5a3298d2bfbfbdddd622f7d48ad4195dcad9ad4e80f766aade9268502200093d18ea4caccd105e3cc93f0df33e8944620f3e303766bec8aedf56a370cc0:922c64590222798bb761d5b6d8e72950
+        # digest: 4a0a00473045022100cd49a2572d217ce8fe9a4471267ba0f33bfd7605d0e5516f3cdb6f77bae45328022063824f452c43b07e412e487b23986420783574ed086454d7560d65bda44f8b6c:922c64590222798bb761d5b6d8e72950
     source: |
       import os, struct, socket
       from datetime import datetime

diff --git a/code/cves/2024/CVE-2024-3094.yaml b/code/cves/2024/CVE-2024-3094.yaml
@@ -21,8 +21,8 @@ info:
     cve-id: CVE-2024-3094
     cwe-id: CWE-506
     cpe: cpe:2.3:a:tukaani:xz:5.6.0:*:*:*:*:*:*:*
-    epss-score: 0.84077
-    epss-percentile: 0.99309
+    epss-score: 0.84588
+    epss-percentile: 0.99336
   metadata:
     product: xz
     vendor: tukaani
@@ -35,7 +35,7 @@ code:
     extractors:
       - dsl:
           - response
-          # digest: 4a0a00473045022100bc704dd3e6bc6f1e146961da42d14c1c3dd5acd96856fad4c79f539e317739a1022042f942a5d177b90cc833717fd516b51b30226c43032d7c88108f2977918d6058:922c64590222798bb761d5b6d8e72950
+          # digest: 490a0046304402203e93d7d3ec2522bf35f2e226bb2c2c0ebe974d4ba13aa2134cbe3a7412234b3b022020f27eede78979df161ee3ebfd2ad717fbeb586d0fc97b48a6174a17598f3de8:922c64590222798bb761d5b6d8e72950
         type: dsl
     matchers:
       - type: word

diff --git a/code/cves/2024/CVE-2024-45409.yaml b/code/cves/2024/CVE-2024-45409.yaml
@@ -20,7 +20,7 @@ info:
     cve-id: CVE-2024-45409
     cwe-id: CWE-347
     epss-score: 0.42423
-    epss-percentile: 0.97472
+    epss-percentile: 0.97473
   metadata:
     product: gitlab
     shodan-query: http.title:"GitLab"
@@ -31,7 +31,7 @@ http:
   - extractors:
       - kval:
           - _gitlab_session
-          # digest: 4a0a0047304502204a0574345735551234ba77befb8574683d574d027940a09b393dbda80ccfa836022100a6117e3f2dba64365e2232cec18437b6a229d2639b24bd74dbc627a3f752b94e:922c64590222798bb761d5b6d8e72950
+          # digest: 490a0046304402206b3327a069659c3e8a84e23b26381fdfc4dd46246553286f685f9c6e2a87dcbc02204ab658b05ef4fa04387f9d9857dbd356dde12bc7614603701eac40828dc7206c:922c64590222798bb761d5b6d8e72950
         type: kval
     matchers:
       - condition: and

diff --git a/code/cves/2024/CVE-2024-47575.yaml b/code/cves/2024/CVE-2024-47575.yaml
@@ -19,8 +19,8 @@ info:
     cve-id: CVE-2024-47575
     cwe-id: CWE-306
     cpe: cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*,cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*
-    epss-score: 0.93846
-    epss-percentile: 0.99865
+    epss-score: 0.93874
+    epss-percentile: 0.99872
   tags: cve,cve2024,fortimanager,fortinet,kev,rce,vkev
 variables:
   HOST: '{{Host}}'
@@ -33,7 +33,7 @@ code:
     extractors:
       - dsl:
           - response
-        # digest: 490a0046304402201a471c0a1bb9817ee2d093ab0415a0aff75f36816850f556643b99fcffd74686022023260c95353e74802401b18486f892994ef6c4ed1b7782a708b88f0c0941d4c4:922c64590222798bb761d5b6d8e72950
+        # digest: 490a0046304402204a2110719234204dc647aa0ca520afcf8b91a6c893bf9fc8ba25f18c5cfc528a02207eb4c9c0978d8834d29ac495ecb2ada3f44681e4f47ec9b5e265d3fbd09ae3ff:922c64590222798bb761d5b6d8e72950
 
         type: dsl
     matchers:

diff --git a/code/cves/2024/CVE-2024-55556.yaml b/code/cves/2024/CVE-2024-55556.yaml
@@ -19,7 +19,7 @@ info:
     cve-id: CVE-2024-55556
     cwe-id: CWE-502
     epss-score: 0.84685
-    epss-percentile: 0.99342
+    epss-percentile: 0.99341
   metadata:
     fofa-query: title="InvoiceShelf"
     max-request: 2
@@ -42,7 +42,7 @@ http:
           - Illuminate/Database/DatabaseManager.php # only matches in Debug mode
       - status:
           - 500
-          # digest: 4b0a00483046022100a14a43515b8792abac22d2c6afb33e2f0b7153d4fa3b789125cd9185fd926941022100fadc23040e036ee2ded2fc1175ad3f1c06f1e680c10a5de16d9b67c4ddb0168e:922c64590222798bb761d5b6d8e72950
+          # digest: 4a0a00473045022039ad9f1649bd680ede72263e65da9be6b666685ac62b67719a297f0584186e91022100f4a44d7b8066de3bad06562f60dd2d6d822392836f5b5e56846b16b946173d59:922c64590222798bb761d5b6d8e72950
         type: status
     matchers-condition: and
     raw:

diff --git a/code/cves/2024/CVE-2024-56331.yaml b/code/cves/2024/CVE-2024-56331.yaml
@@ -21,7 +21,7 @@ info:
     cve-id: CVE-2024-56331
     cwe-id: CWE-22
     epss-score: 0.53224
-    epss-percentile: 0.97979
+    epss-percentile: 0.97987
   metadata:
     product: uptime-kuma
     shodan-query: http.title:"Uptime Kuma"
@@ -41,6 +41,7 @@ code:
         words:
           - '/etc/passwd: {''ok'': True, ''msg'': ''successAdded'''
           # digest: 4b0a004830460221009cc64897bf280fa36ddceeebfa6b6bb0e7c61a503262125ce874db565dc26d69022100d10d192312e95dfd1576abbe45e38f5da1887e361f05eefbab2dd039fa42ae30:922c64590222798bb761d5b6d8e72950
+        # digest: 490a00463044022023b496e8aadcdabe4c25e7609e6aeaa198bd07618247f72ba543bb6c415a699b02204718c546f9e43f8ddbc85136f4b3451477ec3a1306bd8072c3942a8bce9d0ca3:922c64590222798bb761d5b6d8e72950
     source: |
       import os
       import time

diff --git a/code/cves/2024/CVE-2024-9487.yaml b/code/cves/2024/CVE-2024-9487.yaml
@@ -14,7 +14,7 @@ info:
     - https://github.com/advisories/GHSA-g83h-4727-5rpv
   classification:
     epss-score: 0.60268
-    epss-percentile: 0.98285
+    epss-percentile: 0.98293
   metadata:
     shodan-query: title:"GitHub Enterprise"
     verified: true
@@ -23,7 +23,7 @@ http:
   - extractors:
       - kval:
           - user_session
-          # digest: 4a0a00473045022100d1d22bdff24eba01545847168075a4fc283e7055f8d2248fb946c2de3930319a02206037611e28ecfb7ba6f13ede7633341bf081c62aee5bdbfe8a6e0bac2f5ec81b:922c64590222798bb761d5b6d8e72950
+          # digest: 4a0a0047304502210080dd9f85cbb16f91c3b3d5899b8ad83c8fb74d7c003437a7fcb5255a556a384f02202b617ab779f3c9b4147c65d37a51c2022149db1cd65259d10656dc243db8640e:922c64590222798bb761d5b6d8e72950
         type: kval
     matchers:
       - condition: and

diff --git a/code/cves/2025/CVE-2025-1550.yaml b/code/cves/2025/CVE-2025-1550.yaml
@@ -14,8 +14,8 @@ info:
     - https://github.com/keras-team/keras/pull/20751
     - https://towerofhanoi.it/writeups/cve-2025-1550/
   classification:
-    epss-score: 0.08647
-    epss-percentile: 0.92465
+    epss-score: 0.07973
+    epss-percentile: 0.92093
   metadata:
     max-request: 1
   tags: code,cve,cve2025,keras,ml,rce
@@ -27,7 +27,7 @@ code:
       - part: response
         regex:
           - 'root:.*:0:0:'
-          # digest: 4b0a00483046022100f2640e7c0565e18f04dced796a4d48f26d5444a92431aec1b9cd3a2bf5d8b718022100fdf3665da86d445783e6c05c24f4317d0b933f9b3cc3e0314a0b08f2bc6c82c7:922c64590222798bb761d5b6d8e72950
+          # digest: 4b0a00483046022100e4767e7ec8c267a829e36730ceea02071e0bd3d0f45e1ce151208f5cb01fa9e8022100f7e811497e0a6ce75781cae7f3f58178de79b7888919e9c868db21e2f6bb0f5d:922c64590222798bb761d5b6d8e72950
         type: regex
     source: |
       import os

diff --git a/code/cves/2025/CVE-2025-22457.yaml b/code/cves/2025/CVE-2025-22457.yaml
@@ -21,8 +21,8 @@ info:
     cve-id: CVE-2025-22457
     cwe-id: CWE-121,CWE-787
     cpe: cpe:2.3:a:ivanti:connect_secure:*:-:*:*:*:*:*:*
-    epss-score: 0.5605
-    epss-percentile: 0.98107
+    epss-score: 0.53659
+    epss-percentile: 0.98009
   metadata:
     fofa-query: title="ivanti connect secure"
     google-query: intitle:"ivanti connect secure"
@@ -57,6 +57,7 @@ code:
         words:
           - 'VULNERABLE:'
           # digest: 4a0a004730450220625a2cd749d019f740a6dfcafc3864d31ae7860a2b0e224e86466aa3b71d71e0022100a0a20d052aaa99365f1639b927f4e765ac6fcd75cd7bfbe30844a66ef5ffeffe:922c64590222798bb761d5b6d8e72950
+        # digest: 4a0a00473045022100b1b732cf671a584d80155394838e77dc5c1d7ac3fca5d972739738c53a83fe3e02204ad157c157f4299b964a5c13d705cc4339318e97761223498b315762bae0d0a0:922c64590222798bb761d5b6d8e72950
     source: |
       import os
       import time

diff --git a/code/cves/2025/CVE-2025-25291.yaml b/code/cves/2025/CVE-2025-25291.yaml
@@ -21,7 +21,7 @@ info:
     cve-id: CVE-2025-25291
     cwe-id: CWE-347
     epss-score: 0.20843
-    epss-percentile: 0.95631
+    epss-percentile: 0.95641
   metadata:
     fofa-query:
       - body="gitlab enterprise edition"
@@ -41,7 +41,7 @@ http:
   - extractors:
       - kval:
           - _gitlab_session
-          # digest: 4a0a00473045022049519f7bd9bf81dad7fc27fcee082e82b4c8d1210fdb1469777ba467996cb5d50221008ebc3f9ab5d7cd52c945b69e01abe42a689891991a7f64f6b92846932a713c55:922c64590222798bb761d5b6d8e72950
+          # digest: 4a0a00473045022100ea8730fb9ebdee038ed83d32403f6a181697bf14ba80a6771689cf1611449b2702206d3d22ca08726f2fd10c5cf4252baea436b1e59eb9d664e4432424558199f7ec:922c64590222798bb761d5b6d8e72950
         type: kval
     matchers:
       - condition: and