https://vulnerability.circl.lu/sightings/feed 2026-05-08T03:10:50.247062+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/851526af-f45d-4152-ab7b-c06d1c75a65e/export 2026-05-08T03:10:50.513785+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "851526af-f45d-4152-ab7b-c06d1c75a65e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38816", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1793", "content": "#exploit\n1. CVE-2024-38816:\nSpring Framework 6.0.3 path traversal\nhttps://github.com/masa42/CVE-2024-38816-PoC\n\n2. CVE-2024-7479/7481:\nTeamViewer User to Kernel EoP\nhttps://github.com/PeterGabaldon/CVE-2024-7479_CVE-2024-7481\n\n3. CVE-2024-26304:\nCritical RCE in HPE Aruba Devices\nhttps://github.com/Roud-Roud-Agency/CVE-2024-26304-RCE-exploits", "creation_timestamp": "2024-10-08T16:16:11.000000Z"} 2024-10-08T16:16:11+00:00 https://vulnerability.circl.lu/sighting/9c7a7dbc-3817-4eb7-b109-854def13c2a6/export 2026-05-08T03:10:50.513607+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "9c7a7dbc-3817-4eb7-b109-854def13c2a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38816", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3792", "content": "Tools Hackers Factory \n\nRecords an executable's network activity into a Full Packet Capture file (.pcap) and much more. \n\nhttps://github.com/H4NM/WhoYouCalling \n\nLinux kernel Netfilter Use-After-Free leads to LPE \n\nhttps://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2024-26808_cos/docs/exploit.md\n\nFrom object transition to RCE in the Chrome renderer \n\nhttps://github.blog/security/vulnerability-research/from-object-transition-to-rce-in-the-chrome-renderer/ \n\nDeep Linux runtime visibility meets Wireshark \n\nhttps://github.com/aquasecurity/traceeshark \n\nScriptSentry finds misconfigured and dangerous logon scripts. \n\nhttps://github.com/techspence/scriptsentry\n\nActivation cache poisoning to elevate from medium to high integrity (CVE-2024-6769) \n\nhttps://github.com/fortra/CVE-2024-6769\n\nCVE-2024-38816: Path traversal vulnerability in Spring Frameworks\n\nhttps://github.com/masa42/CVE-2024-38816-PoC\n\nexploit_dev/browsers/v8/CVE-2024-5830 at main \u00b7 uf0o/exploit_dev'\n\nhttps://github.com/uf0o/exploit_dev/tree/main/browsers/v8/CVE-2024-5830\n\nNameless C2 - A C2 with all its components written in Rust\n\nhttps://github.com/trickster0/NamelessC2\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-13T05:35:42.000000Z"} 2024-10-13T05:35:42+00:00 https://vulnerability.circl.lu/sighting/78aa14b9-0887-4921-b5f6-9857d22b1e0f/export 2026-05-08T03:10:50.513437+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "78aa14b9-0887-4921-b5f6-9857d22b1e0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38816", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1063", "content": "Tools Hackers Factory \n\nRecords an executable's network activity into a Full Packet Capture file (.pcap) and much more. \n\nhttps://github.com/H4NM/WhoYouCalling\u00a0 \n\nLinux kernel Netfilter Use-After-Free leads to LPE \n\nhttps://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2024-26808_cos/docs/exploit.md\n\nFrom object transition to RCE in the Chrome renderer \n\nhttps://github.blog/security/vulnerability-research/from-object-transition-to-rce-in-the-chrome-renderer/\u00a0 \n\nDeep Linux runtime visibility meets Wireshark \n\nhttps://github.com/aquasecurity/traceeshark\u00a0 \n\nScriptSentry finds misconfigured and dangerous logon scripts.\u00a0 \n\nhttps://github.com/techspence/scriptsentry\n\nActivation cache poisoning to elevate from medium to high integrity (CVE-2024-6769) \n\nhttps://github.com/fortra/CVE-2024-6769\n\nCVE-2024-38816: Path traversal vulnerability in Spring Frameworks\n\nhttps://github.com/masa42/CVE-2024-38816-PoC\n\nexploit_dev/browsers/v8/CVE-2024-5830 at main \u00b7 uf0o/exploit_dev'\n\nhttps://github.com/uf0o/exploit_dev/tree/main/browsers/v8/CVE-2024-5830\n\nNameless C2 - A C2 with all its components written in Rust\n\nhttps://github.com/trickster0/NamelessC2\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-13T05:35:50.000000Z"} 2024-10-13T05:35:50+00:00 https://vulnerability.circl.lu/sighting/f8443a1e-6643-4f2e-88b5-e81ef43f6743/export 2026-05-08T03:10:50.513274+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "f8443a1e-6643-4f2e-88b5-e81ef43f6743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38816", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8879", "content": "Tools Hackers Factory \n\nRecords an executable's network activity into a Full Packet Capture file (.pcap) and much more. \n\nhttps://github.com/H4NM/WhoYouCalling\u00a0 \n\nLinux kernel Netfilter Use-After-Free leads to LPE \n\nhttps://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2024-26808_cos/docs/exploit.md\n\nFrom object transition to RCE in the Chrome renderer \n\nhttps://github.blog/security/vulnerability-research/from-object-transition-to-rce-in-the-chrome-renderer/\u00a0 \n\nDeep Linux runtime visibility meets Wireshark \n\nhttps://github.com/aquasecurity/traceeshark\u00a0 \n\nScriptSentry finds misconfigured and dangerous logon scripts.\u00a0 \n\nhttps://github.com/techspence/scriptsentry\n\nActivation cache poisoning to elevate from medium to high integrity (CVE-2024-6769) \n\nhttps://github.com/fortra/CVE-2024-6769\n\nCVE-2024-38816: Path traversal vulnerability in Spring Frameworks\n\nhttps://github.com/masa42/CVE-2024-38816-PoC\n\nexploit_dev/browsers/v8/CVE-2024-5830 at main \u00b7 uf0o/exploit_dev'\n\nhttps://github.com/uf0o/exploit_dev/tree/main/browsers/v8/CVE-2024-5830\n\nNameless C2 - A C2 with all its components written in Rust\n\nhttps://github.com/trickster0/NamelessC2\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-13T05:35:55.000000Z"} 2024-10-13T05:35:55+00:00 https://vulnerability.circl.lu/sighting/cc1a4ce9-44a4-4ce9-8cdd-fd7705d7b5c0/export 2026-05-08T03:10:50.513106+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "cc1a4ce9-44a4-4ce9-8cdd-fd7705d7b5c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38816", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7514", "content": "Tools Hackers Factory \n\nRecords an executable's network activity into a Full Packet Capture file (.pcap) and much more. \n\nhttps://github.com/H4NM/WhoYouCalling\u00a0 \n\nLinux kernel Netfilter Use-After-Free leads to LPE \n\nhttps://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2024-26808_cos/docs/exploit.md\n\nFrom object transition to RCE in the Chrome renderer \n\nhttps://github.blog/security/vulnerability-research/from-object-transition-to-rce-in-the-chrome-renderer/\u00a0 \n\nDeep Linux runtime visibility meets Wireshark \n\nhttps://github.com/aquasecurity/traceeshark\u00a0 \n\nScriptSentry finds misconfigured and dangerous logon scripts.\u00a0 \n\nhttps://github.com/techspence/scriptsentry\n\nActivation cache poisoning to elevate from medium to high integrity (CVE-2024-6769) \n\nhttps://github.com/fortra/CVE-2024-6769\n\nCVE-2024-38816: Path traversal vulnerability in Spring Frameworks\n\nhttps://github.com/masa42/CVE-2024-38816-PoC\n\nexploit_dev/browsers/v8/CVE-2024-5830 at main \u00b7 uf0o/exploit_dev'\n\nhttps://github.com/uf0o/exploit_dev/tree/main/browsers/v8/CVE-2024-5830\n\nNameless C2 - A C2 with all its components written in Rust\n\nhttps://github.com/trickster0/NamelessC2\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-13T05:35:55.000000Z"} 2024-10-13T05:35:55+00:00 https://vulnerability.circl.lu/sighting/a5157c79-a01d-4c53-b5f5-7052e60f0a6a/export 2026-05-08T03:10:50.512921+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "a5157c79-a01d-4c53-b5f5-7052e60f0a6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38816", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/24069", "content": "Tools Hackers Factory \n\nRecords an executable's network activity into a Full Packet Capture file (.pcap) and much more. \n\nhttps://github.com/H4NM/WhoYouCalling\u00a0 \n\nLinux kernel Netfilter Use-After-Free leads to LPE \n\nhttps://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2024-26808_cos/docs/exploit.md\n\nFrom object transition to RCE in the Chrome renderer \n\nhttps://github.blog/security/vulnerability-research/from-object-transition-to-rce-in-the-chrome-renderer/\u00a0 \n\nDeep Linux runtime visibility meets Wireshark \n\nhttps://github.com/aquasecurity/traceeshark\u00a0 \n\nScriptSentry finds misconfigured and dangerous logon scripts.\u00a0 \n\nhttps://github.com/techspence/scriptsentry\n\nActivation cache poisoning to elevate from medium to high integrity (CVE-2024-6769) \n\nhttps://github.com/fortra/CVE-2024-6769\n\nCVE-2024-38816: Path traversal vulnerability in Spring Frameworks\n\nhttps://github.com/masa42/CVE-2024-38816-PoC\n\nexploit_dev/browsers/v8/CVE-2024-5830 at main \u00b7 uf0o/exploit_dev'\n\nhttps://github.com/uf0o/exploit_dev/tree/main/browsers/v8/CVE-2024-5830\n\nNameless C2 - A C2 with all its components written in Rust\n\nhttps://github.com/trickster0/NamelessC2\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-13T05:36:01.000000Z"} 2024-10-13T05:36:01+00:00 https://vulnerability.circl.lu/sighting/091d6d21-bf34-48ed-a7af-a091924a23fb/export 2026-05-08T03:10:50.512725+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "091d6d21-bf34-48ed-a7af-a091924a23fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38816", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/496", "content": "Tools Hackers Factory \n\nRecords an executable's network activity into a Full Packet Capture file (.pcap) and much more. \n\nhttps://github.com/H4NM/WhoYouCalling\u00a0 \n\nLinux kernel Netfilter Use-After-Free leads to LPE \n\nhttps://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2024-26808_cos/docs/exploit.md\n\nFrom object transition to RCE in the Chrome renderer \n\nhttps://github.blog/security/vulnerability-research/from-object-transition-to-rce-in-the-chrome-renderer/\u00a0 \n\nDeep Linux runtime visibility meets Wireshark \n\nhttps://github.com/aquasecurity/traceeshark\u00a0 \n\nScriptSentry finds misconfigured and dangerous logon scripts.\u00a0 \n\nhttps://github.com/techspence/scriptsentry\n\nActivation cache poisoning to elevate from medium to high integrity (CVE-2024-6769) \n\nhttps://github.com/fortra/CVE-2024-6769\n\nCVE-2024-38816: Path traversal vulnerability in Spring Frameworks\n\nhttps://github.com/masa42/CVE-2024-38816-PoC\n\nexploit_dev/browsers/v8/CVE-2024-5830 at main \u00b7 uf0o/exploit_dev'\n\nhttps://github.com/uf0o/exploit_dev/tree/main/browsers/v8/CVE-2024-5830\n\nNameless C2 - A C2 with all its components written in Rust\n\nhttps://github.com/trickster0/NamelessC2\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-13T05:36:02.000000Z"} 2024-10-13T05:36:02+00:00 https://vulnerability.circl.lu/sighting/ddac21c5-e5c1-4900-9ee5-0ef243237196/export 2026-05-08T03:10:50.512528+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "ddac21c5-e5c1-4900-9ee5-0ef243237196", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38816", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9289", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1a CVE-2024-38816\nURL\uff1ahttps://github.com/Anthony1078/App-vulnerable\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-02T02:19:45.000000Z"} 2024-12-02T02:19:45+00:00 https://vulnerability.circl.lu/sighting/ceab1a6a-3cb5-471b-adfa-be2b86f88625/export 2026-05-08T03:10:50.512282+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "ceab1a6a-3cb5-471b-adfa-be2b86f88625", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38816", "type": "seen", "source": "Telegram/1zNa7pMwfeIIXjzqgGa2xgSGyrTz-rfFVmWTa9CL09P5hDk", "content": "", "creation_timestamp": "2025-04-14T11:00:05.000000Z"} 2025-04-14T11:00:05+00:00 https://vulnerability.circl.lu/sighting/53da4e4e-02c6-42d4-8e62-e73cbaf53335/export 2026-05-08T03:10:50.507070+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "53da4e4e-02c6-42d4-8e62-e73cbaf53335", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38816", "type": "seen", "source": "https://t.me/true_secator/7151", "content": "\u0412 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u0438 \u043d\u0435\u0434\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0442\u0438\u043c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0443\u0433\u0440\u043e\u0437\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0438\u043c\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f:\n\n1. BeyondTrust \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043a\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430.\n\nCVE-2025-5309 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Resilion\u00a0\u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b BeyondTrust Remote Support \u0438 Privileged Remote Access. \n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0448\u0430\u0431\u043b\u043e\u043d\u0438\u0437\u0430\u0442\u043e\u0440 BeyondTrust \u0438 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b.\n\n2. Citrix \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u00a0\u0434\u043b\u044f \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0442\u0440\u0435\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 (CVE-2025-5777) \u0432 NetScaler ADC \u0438 NetScaler Gateway.\n\nCitrix \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u043a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043d\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435.\u00a0\n\n3. \u0414\u0436\u043e\u043d\u0430\u0442\u0430\u043d \u041c\u044d\u043d\u043d\u0445\u0435\u043d \u043e\u0442\u044b\u0441\u043a\u0430\u043b \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 Erlang/OTP ZIP-\u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0430\u0431\u0441\u043e\u043b\u044e\u0442\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0438\u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043b\u044e\u0431\u043e\u0439 \u043f\u0443\u0442\u044c \u043f\u043e \u0441\u0432\u043e\u0435\u043c\u0443 \u0443\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u0438\u044e.\n\n4. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 CrowdStrike \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043e\u0431\u0437\u043e\u0440 \u043d\u0430\u0441\u0442\u0443\u043f\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u043a\u0438, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u043a\u0430\u043a \u043e\u0431\u0445\u043e\u0434 AMSI \u0431\u0435\u0437 \u043f\u0430\u0442\u0447\u0435\u0439, \u0435\u0435 \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0433\u043e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f.\n\n5. Cisco \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u0434\u0432\u0430 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0432\u043e\u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439.\n\n6. Atlassian \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430\u00a0\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u043f\u044f\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u044f\u0445 Bamboo, Bitbucket, Confluence, Crowd \u0438 Jira.\n\n\u041a \u043d\u0438\u043c \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f CVE-2025-22228 (\u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f \u0432 Spring), CVE-2025-24970 (DoS \u0432 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 Netty), CVE-2024-38816 (\u043e\u0431\u0445\u043e\u0434 \u043f\u0443\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0439 \u0441 \u0432\u0435\u0431-\u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430\u043c\u0438 WebMvc.fn \u0438 WebFlux.fn), CVE-2024-57699 (DoS \u0432 Netplex Json-smart) \u0438 CVE-2025-31650 (DoS \u0432 Apache Tomcat).\n\n7. Microsoft \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e \u043f\u043b\u0430\u043d\u0430\u0445 \u043f\u0435\u0440\u0438\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0438\u0437 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0426\u0435\u043d\u0442\u0440\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows \u0434\u043b\u044f \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0440\u0438\u0441\u043a\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u043e\u0441\u0442\u0438.\n\n8. GreyNoise \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u0432\u0441\u043f\u043b\u0435\u0441\u043a\u0435 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2023-28771 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9,8) \u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u0430\u0445 Zyxel, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0436\u0435 \u0434\u0432\u0430 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u0432\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u043c \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai.\n\n9. \u041d\u0435\u0434\u0430\u0432\u043d\u044f\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Langflow, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a CVE-2025-3248, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0432\u043e\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 \u0431\u043e\u0442\u043d\u0435\u0442 Flodrix, \u043e \u0447\u0435\u043c \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 Trend Micro.\n\n\u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Langflow, \u0430 \u0437\u0430\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043e\u0434\u0438\u043d \u0438\u0437 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 PoC, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0435 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u0440\u0430\u0437\u0432\u0435\u0434\u044b\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445.", "creation_timestamp": "2025-06-20T18:30:05.000000Z"} 2025-06-20T18:30:05+00:00