Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-05-04T09:18:09.241349+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/6ac175bc-fd6f-472d-86af-38ea2150b1c2/export 6ac175bc-fd6f-472d-86af-38ea2150b1c2 2026-05-04T09:18:09.587926+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "6ac175bc-fd6f-472d-86af-38ea2150b1c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4555", "type": "seen", "source": "https://t.me/cibsecurity/54666", "content": "\u203c CVE-2022-4555 \u203c\n\nThe WP Shamsi plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the deactivate() function hooked via init() in versions up to, and including, 4.1.0. This makes it possible for unauthenticated attackers to deactivate arbitrary plugins on the site. This can be used to deactivate security plugins that aids in exploiting other vulnerabilities.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T16:24:28.000000Z"} 2022-12-16T16:24:28+00:00 https://vulnerability.circl.lu/sighting/e65ab2aa-b5b8-46df-b7ee-9996cc975660/export e65ab2aa-b5b8-46df-b7ee-9996cc975660 2026-05-04T09:18:09.587846+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "e65ab2aa-b5b8-46df-b7ee-9996cc975660", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45552", "type": "seen", "source": "https://t.me/cibsecurity/59369", "content": "\u203c CVE-2022-45552 \u203c\n\nAn Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-03T16:35:55.000000Z"} 2023-03-03T16:35:55+00:00 https://vulnerability.circl.lu/sighting/332a9252-9664-4875-9baa-218fc00e3cf1/export 332a9252-9664-4875-9baa-218fc00e3cf1 2026-05-04T09:18:09.587754+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "332a9252-9664-4875-9baa-218fc00e3cf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45551", "type": "seen", "source": "https://t.me/cibsecurity/59370", "content": "\u203c CVE-2022-45551 \u203c\n\nAn issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to escalate privileges via WGET command to the Network Diagnosis endpoint.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-03T16:35:56.000000Z"} 2023-03-03T16:35:56+00:00 https://vulnerability.circl.lu/sighting/a2168c7c-e310-43ad-966c-4ade4e4feb13/export a2168c7c-e310-43ad-966c-4ade4e4feb13 2026-05-04T09:18:09.587673+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "a2168c7c-e310-43ad-966c-4ade4e4feb13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45553", "type": "seen", "source": "https://t.me/cibsecurity/59371", "content": "\u203c CVE-2022-45553 \u203c\n\nAn issue discovered in Shenzhen Zhibotong Electronics WBT WE1626 Router v 21.06.18 allows attacker to execute arbitrary commands via serial connection to the UART port.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-03T16:35:57.000000Z"} 2023-03-03T16:35:57+00:00 https://vulnerability.circl.lu/sighting/f9e91f53-89f1-408f-a584-264e4185eb25/export f9e91f53-89f1-408f-a584-264e4185eb25 2026-05-04T09:18:09.587590+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "f9e91f53-89f1-408f-a584-264e4185eb25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45552", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6872", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45552\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory.\n\ud83d\udccf Published: 2023-03-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-07T17:20:15.303Z\n\ud83d\udd17 References:\n1. http://shenzhen.com\n2. http://zbt.com\n3. https://blog.prodefense.io/zbt-we1626-wireless-router-cve-disclosures-b3534484d97d", "creation_timestamp": "2025-03-07T17:35:24.000000Z"} 2025-03-07T17:35:24+00:00 https://vulnerability.circl.lu/sighting/35f5adad-d29b-4d9d-9468-01f79d75dfa0/export 35f5adad-d29b-4d9d-9468-01f79d75dfa0 2026-05-04T09:18:09.587497+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "35f5adad-d29b-4d9d-9468-01f79d75dfa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45553", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6873", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45553\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue discovered in Shenzhen Zhibotong Electronics WBT WE1626 Router v 21.06.18 allows attacker to execute arbitrary commands via serial connection to the UART port.\n\ud83d\udccf Published: 2023-03-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-07T17:17:14.806Z\n\ud83d\udd17 References:\n1. http://shenzhen.com\n2. http://zbt.com\n3. https://blog.prodefense.io/zbt-we1626-wireless-router-cve-disclosures-b3534484d97d", "creation_timestamp": "2025-03-07T17:35:28.000000Z"} 2025-03-07T17:35:28+00:00 https://vulnerability.circl.lu/sighting/ca65f087-a5f2-43e8-9e7a-90c17ef940f2/export ca65f087-a5f2-43e8-9e7a-90c17ef940f2 2026-05-04T09:18:09.587413+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "ca65f087-a5f2-43e8-9e7a-90c17ef940f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45552", "type": "seen", "source": "Telegram/ZAWAyZB8xQ7PAWWHFMWG4R3xVIHC9Zrbaz4WsiObTg_L55Bb", "content": "", "creation_timestamp": "2025-03-08T04:35:52.000000Z"} 2025-03-08T04:35:52+00:00 https://vulnerability.circl.lu/sighting/4eadb0dd-9ea8-42ef-812f-38648efa65c3/export 4eadb0dd-9ea8-42ef-812f-38648efa65c3 2026-05-04T09:18:09.587318+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "4eadb0dd-9ea8-42ef-812f-38648efa65c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45553", "type": "seen", "source": "Telegram/vkAV5fsj_S3QZUNyDjnYgtqv1Rk2fS_4cc3ZnN9Ch1WUrmiz", "content": "", "creation_timestamp": "2025-03-08T04:35:52.000000Z"} 2025-03-08T04:35:52+00:00 https://vulnerability.circl.lu/sighting/c87cee5e-7b05-4076-9d82-d9a0b6984e10/export c87cee5e-7b05-4076-9d82-d9a0b6984e10 2026-05-04T09:18:09.587164+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "c87cee5e-7b05-4076-9d82-d9a0b6984e10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45558", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10245", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45558\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cross site scripting (XSS) vulnerability in Hundredrabbits Left 7.1.5 for MacOS allows attackers to execute arbitrary code via the meta tag.\n\ud83d\udccf Published: 2023-01-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-03T15:25:54.957Z\n\ud83d\udd17 References:\n1. https://github.com/hundredrabbits/Left/issues/168", "creation_timestamp": "2025-04-03T15:34:56.000000Z"} 2025-04-03T15:34:56+00:00 https://vulnerability.circl.lu/sighting/7860a7c7-7384-4687-8ecd-0770d5fe97e8/export 7860a7c7-7384-4687-8ecd-0770d5fe97e8 2026-05-04T09:18:09.579636+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "7860a7c7-7384-4687-8ecd-0770d5fe97e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45557", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10265", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45557\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cross site scripting (XSS) vulnerability in Hundredrabbits Left 7.1.5 for MacOS allows attackers to execute arbitrary code via file names.\n\ud83d\udccf Published: 2023-01-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-03T15:57:59.042Z\n\ud83d\udd17 References:\n1. https://github.com/hundredrabbits/Left/issues/167", "creation_timestamp": "2025-04-03T16:35:01.000000Z"} 2025-04-03T16:35:01+00:00