https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-09T10:38:58.544515+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/83bc9ee7-1573-4860-ad22-4a6b339b70a6/export83bc9ee7-1573-4860-ad22-4a6b339b70a62026-05-09T10:38:58.883922+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "83bc9ee7-1573-4860-ad22-4a6b339b70a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41078", "type": "seen", "source": "https://t.me/cibsecurity/31213", "content": "\u203c CVE-2021-41078 \u203c\n\nNameko through 2.13.0 can be tricked into performing arbitrary code execution when deserializing the config file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T16:15:03.000000Z"}2021-10-26T16:15:03+00:00https://vulnerability.circl.lu/sighting/d2ed6c2a-4b5a-419d-be00-3813f93cd664/exportd2ed6c2a-4b5a-419d-be00-3813f93cd6642026-05-09T10:38:58.883837+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "d2ed6c2a-4b5a-419d-be00-3813f93cd664", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4107", "type": "seen", "source": "https://t.me/cibsecurity/33938", "content": "\u203c CVE-2021-4107 \u203c\n\nyetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-14T18:15:27.000000Z"}2021-12-14T18:15:27+00:00https://vulnerability.circl.lu/sighting/2b95d0d6-9313-4d9a-b478-6b59b23bacc9/export2b95d0d6-9313-4d9a-b478-6b59b23bacc92026-05-09T10:38:58.883744+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "2b95d0d6-9313-4d9a-b478-6b59b23bacc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41073", "type": "published-proof-of-concept", "source": "https://t.me/linkersec/155", "content": "Exploiting CVE-2021-41073 in io_uring\n\nValentina Palmiotti published an excellent write-up about exploiting a type confusion in io_uring to gain root privileges.\n\nThis bug allows freeing arbitrary slab allocations from the kmalloc-32 cache.\n\nValentina described how she constructed these exploit primitives:\n\n\u2714\ufe0f UAF in kmalloc-32\n\u2714\ufe0f Kernel heap info-leak\n\u2714\ufe0f Control flow hijacking\n\u2714\ufe0f Illegal privilege escalation\n\nThe researcher also described her experience with responsible disclosure.", "creation_timestamp": "2022-03-09T18:56:10.000000Z"}2022-03-09T18:56:10+00:00https://vulnerability.circl.lu/sighting/746a50bd-4a7b-4c5d-b7dd-ea3252644fda/export746a50bd-4a7b-4c5d-b7dd-ea3252644fda2026-05-09T10:38:58.883654+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "746a50bd-4a7b-4c5d-b7dd-ea3252644fda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41073", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1886", "content": "#exploit\nCVE-2021-41073:\nType confusion in Linux io_uring\nhttps://gist.github.com/QiuhaoLi/d66b0ff2aa5058bd007a3f6c61d29b6e\n\n@BlueRedTeam", "creation_timestamp": "2022-04-03T10:37:21.000000Z"}2022-04-03T10:37:21+00:00https://vulnerability.circl.lu/sighting/a0603d55-d5ca-4ded-9bff-4591660e9728/exporta0603d55-d5ca-4ded-9bff-4591660e97282026-05-09T10:38:58.883561+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "a0603d55-d5ca-4ded-9bff-4591660e9728", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41073", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5733", "content": "#exploit\nCVE-2021-41073:\nType confusion in Linux io_uring\nhttps://gist.github.com/QiuhaoLi/d66b0ff2aa5058bd007a3f6c61d29b6e", "creation_timestamp": "2022-04-03T13:37:01.000000Z"}2022-04-03T13:37:01+00:00https://vulnerability.circl.lu/sighting/44c1b2c2-3c8c-4ff5-86a4-466acacb55e5/export44c1b2c2-3c8c-4ff5-86a4-466acacb55e52026-05-09T10:38:58.883443+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "44c1b2c2-3c8c-4ff5-86a4-466acacb55e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41073", "type": "published-proof-of-concept", "source": "https://t.me/linkersec/173", "content": "io_uring - new code, new bugs, and a new exploit technique\n\nLam Jun Rong published an article that covers analyzing and exploiting CVE-2021-41073, an invalid-free vulnerability in the io_uring subsystem.\n\nThis vulnerability has previously been exploited by Valentina Palmiotti, but that exploit relied on eBPF. The new exploit targets Ubuntu 21.10, where eBPF is not available to unprivileged users.", "creation_timestamp": "2022-07-04T10:47:21.000000Z"}2022-07-04T10:47:21+00:00https://vulnerability.circl.lu/sighting/708f4279-8ef0-4653-8f23-6c6673746de0/export708f4279-8ef0-4653-8f23-6c6673746de02026-05-09T10:38:58.883329+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "708f4279-8ef0-4653-8f23-6c6673746de0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41073", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1427", "content": "kernel-linux-factory\n*\n\u0423\u0434\u043e\u0431\u043d\u043e \u0442\u0435\u043c, \u0447\u0442\u043e \u043d\u0435 \u043d\u0443\u0436\u043d\u043e \u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c \u0441\u0440\u0435\u0434\u0443, \u0433\u043b\u044f\u043d\u0443\u043b \u043a\u0430\u043a\u043e\u0435 \u044f\u0434\u0440\u043e, \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b \u0441\u043f\u043b\u043e\u0435\u0442, \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043f\u043e \u043c\u043e\u0440\u0434\u0435 #root\n*\n\u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 exploits \u0434\u043b\u044f:\nCVE-2016-9793\n4-20-BPF-integer\nCVE-2017-5123\nCVE-2017-6074\nCVE-2017-7308\nCVE-2017-8890\nCVE-2017-11176\nCVE-2017-16995\nCVE-2017-1000112\nCVE-2018-5333\nCVE-2019-9213 & CVE-2019-8956\nCVE-2019-15666\nCVE-2020-8835\nCVE-2020-27194\nCVE-2021-3156\nCVE-2021-31440\nCVE-2021-3490\nCVE-2021-22555\nCVE-2021-41073\nCVE-2021-4154\nCVE-2021-42008\nCVE-2021-43267\nCVE-2022-0185\nCVE-2022-0847\nCVE-2022-0995\nCVE-2022-1015\nCVE-2022-2588\nCVE-2022-2639\nCVE-2022-25636\nCVE-2022-27666\nCVE-2022-32250\nCVE-2022-34918\n\ndownload\n\n#linux #exploits #kernel", "creation_timestamp": "2023-03-23T06:30:43.000000Z"}2023-03-23T06:30:43+00:00https://vulnerability.circl.lu/sighting/5339eb2f-8aed-42f7-a98b-ec343af48539/export5339eb2f-8aed-42f7-a98b-ec343af485392026-05-09T10:38:58.883240+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "5339eb2f-8aed-42f7-a98b-ec343af48539", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41073", "type": "seen", "source": "Telegram/TXmZ8EBGvdc4uufvEqu6hfgyjEc7K_gjD1Jpp8Uzvu6-KK0", "content": "", "creation_timestamp": "2023-03-23T09:18:19.000000Z"}2023-03-23T09:18:19+00:00https://vulnerability.circl.lu/sighting/5f1a7045-5f85-4977-b5ce-7859a490d7ce/export5f1a7045-5f85-4977-b5ce-7859a490d7ce2026-05-09T10:38:58.883111+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "5f1a7045-5f85-4977-b5ce-7859a490d7ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41072", "type": "seen", "source": "https://t.me/arpsyndicate/2849", "content": "#ExploitObserverAlert\n\nCVE-2021-41072\n\nDESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2021-41072. squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.\n\nFIRST-EPSS: 0.002930000\nNVD-IS: 5.2\nNVD-ES: 2.8", "creation_timestamp": "2024-01-16T12:24:04.000000Z"}2024-01-16T12:24:04+00:00https://vulnerability.circl.lu/sighting/f90ef69f-df43-413b-adb8-f17da0482355/exportf90ef69f-df43-413b-adb8-f17da04823552026-05-09T10:38:58.880372+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "f90ef69f-df43-413b-adb8-f17da0482355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41074", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mcfxrjmh3a2t", "content": "", "creation_timestamp": "2026-01-14T21:03:04.427968Z"}2026-01-14T21:03:04.427968+00:00