Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-05-12T04:22:07.152600+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/81d86fa0-c21b-4768-a52f-b2265398b995/export 81d86fa0-c21b-4768-a52f-b2265398b995 2026-05-12T04:22:07.366961+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "81d86fa0-c21b-4768-a52f-b2265398b995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20097", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4187", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20097\n\ud83d\udd25 CVSS Score: 4.2 (CVSS_V3)\n\ud83d\udd39 Description: Uncaught exception in OpenBMC Firmware for the Intel(R) Server M50FCP Family and Intel(R) Server D50DNP Family before version R01.02.0002 may allow an authenticated user to potentially enable denial of service via network access.\n\ud83d\udccf Published: 2025-02-13T00:33:07Z\n\ud83d\udccf Modified: 2025-02-13T00:33:07Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2025-20097\n2. https://intel.com/content/www/us/en/security-center/advisory/intel-sa-00990.html", "creation_timestamp": "2025-02-13T01:09:55.000000Z"} 2025-02-13T01:09:55+00:00 https://vulnerability.circl.lu/sighting/1f3377a8-969e-47bb-85f6-2f5fe312121a/export 1f3377a8-969e-47bb-85f6-2f5fe312121a 2026-05-12T04:22:07.366887+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "1f3377a8-969e-47bb-85f6-2f5fe312121a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20097", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113993921386449567", "content": "", "creation_timestamp": "2025-02-13T01:13:21.210993Z"} 2025-02-13T01:13:21.210993+00:00 https://vulnerability.circl.lu/sighting/82429052-f291-4264-a78c-d2c110ff110c/export 82429052-f291-4264-a78c-d2c110ff110c 2026-05-12T04:22:07.366810+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "82429052-f291-4264-a78c-d2c110ff110c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20097", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhzn3zporm26", "content": "", "creation_timestamp": "2025-02-13T02:25:07.435056Z"} 2025-02-13T02:25:07.435056+00:00 https://vulnerability.circl.lu/sighting/d32fec20-8a3b-42f8-bd91-277bd6346c79/export d32fec20-8a3b-42f8-bd91-277bd6346c79 2026-05-12T04:22:07.366726+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "d32fec20-8a3b-42f8-bd91-277bd6346c79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20091", "type": "seen", "source": "https://t.me/cvedetector/19458", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-20091 - OpenHarmony Use After Free Arbitrary Code Execution\", \n \"Content\": \"CVE ID : CVE-2025-20091 \nPublished : March 4, 2025, 4:15 a.m. | 22\u00a0minutes ago \nDescription : in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios. \nSeverity: 3.8 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-04T05:48:07.000000Z"} 2025-03-04T05:48:07+00:00 https://vulnerability.circl.lu/sighting/1e3815a4-396c-4a83-8a86-ab8252959175/export 1e3815a4-396c-4a83-8a86-ab8252959175 2026-05-12T04:22:07.366643+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "1e3815a4-396c-4a83-8a86-ab8252959175", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2009", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8816", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2009\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the logging functionality in all versions up to, and including, 4.9.9.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-03-26T08:21:50.914Z\n\ud83d\udccf Modified: 2025-03-26T08:21:50.914Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/3825c80c-e4b1-4dd8-be77-38f718920b9a?source=cve\n2. https://plugins.trac.wordpress.org/browser/newsletters-lite/trunk/views/admin/settings/view_logs.php?rev=3212300#L107\n3. https://plugins.trac.wordpress.org/changeset/3257980/newsletters-lite/trunk/views/admin/settings/view_logs.php", "creation_timestamp": "2025-03-26T09:26:00.000000Z"} 2025-03-26T09:26:00+00:00 https://vulnerability.circl.lu/sighting/81ace1c2-d318-4680-8f44-47dc39b1fe2d/export 81ace1c2-d318-4680-8f44-47dc39b1fe2d 2026-05-12T04:22:07.366565+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "81ace1c2-d318-4680-8f44-47dc39b1fe2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2009", "type": "seen", "source": "Telegram/vxFeWKT3kumdU6cdBVzu6teCfmUQZJYA4HbhY0-VOVXPavQ", "content": "", "creation_timestamp": "2025-03-26T10:01:12.000000Z"} 2025-03-26T10:01:12+00:00 https://vulnerability.circl.lu/sighting/fa816b14-0cf9-4454-a7e7-6667fd107318/export fa816b14-0cf9-4454-a7e7-6667fd107318 2026-05-12T04:22:07.366471+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "fa816b14-0cf9-4454-a7e7-6667fd107318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2009", "type": "seen", "source": "https://t.me/cvedetector/21159", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2009 - WordPress Newsletters Stored Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2009 \nPublished : March 26, 2025, 9:15 a.m. | 1\u00a0hour, 17\u00a0minutes ago \nDescription : The Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the logging functionality in all versions up to, and including, 4.9.9.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"26 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T12:12:47.000000Z"} 2025-03-26T12:12:47+00:00 https://vulnerability.circl.lu/sighting/b1b180fb-9e12-4e8e-b6e5-6b1d8810280f/export b1b180fb-9e12-4e8e-b6e5-6b1d8810280f 2026-05-12T04:22:07.366385+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "b1b180fb-9e12-4e8e-b6e5-6b1d8810280f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20095", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16617", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20095\n\ud83d\udd25 CVSS Score: 5.4 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Incorrect Default Permissions for some Intel(R) RealSense\u2122 SDK software before version 2.56.2 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\ud83d\udccf Published: 2025-05-13T21:02:10.612Z\n\ud83d\udccf Modified: 2025-05-16T03:55:55.436Z\n\ud83d\udd17 References:\n1. https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01305.html", "creation_timestamp": "2025-05-16T04:33:57.000000Z"} 2025-05-16T04:33:57+00:00 https://vulnerability.circl.lu/sighting/90290016-63ff-4df4-83c6-e5e4acaf4921/export 90290016-63ff-4df4-83c6-e5e4acaf4921 2026-05-12T04:22:07.366262+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "90290016-63ff-4df4-83c6-e5e4acaf4921", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20093", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lw7wvwaxwf2q", "content": "", "creation_timestamp": "2025-08-12T18:29:17.791011Z"} 2025-08-12T18:29:17.791011+00:00 https://vulnerability.circl.lu/sighting/d94e87d6-c3fc-4e1b-9fb8-ea5191845095/export d94e87d6-c3fc-4e1b-9fb8-ea5191845095 2026-05-12T04:22:07.364704+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "d94e87d6-c3fc-4e1b-9fb8-ea5191845095", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20091", "type": "seen", "source": "MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72", "content": "", "creation_timestamp": "2025-08-19T13:26:45.000000Z"} 2025-08-19T13:26:45+00:00