https://vulnerability.circl.lu/sightings/feed 2026-05-30T05:14:52.956418+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/296f98ab-c401-4135-b822-9d83311fc1cf/export 2026-05-30T05:14:53.161992+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "296f98ab-c401-4135-b822-9d83311fc1cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23896", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7gntgxx2f", "content": "", "creation_timestamp": "2025-01-16T21:19:26.126144Z"} 2025-01-16T21:19:26.126144+00:00 https://vulnerability.circl.lu/sighting/a421f456-1ea2-4708-806d-303ecdf446e4/export 2026-05-30T05:14:53.161900+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "a421f456-1ea2-4708-806d-303ecdf446e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23897", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7gq5rys2n", "content": "", "creation_timestamp": "2025-01-16T21:19:28.394632Z"} 2025-01-16T21:19:28.394632+00:00 https://vulnerability.circl.lu/sighting/7739a103-c7d6-4f7b-acc0-f6b778b1dc85/export 2026-05-30T05:14:53.161807+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "7739a103-c7d6-4f7b-acc0-f6b778b1dc85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23898", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7gsmpxo2e", "content": "", "creation_timestamp": "2025-01-16T21:19:30.965565Z"} 2025-01-16T21:19:30.965565+00:00 https://vulnerability.circl.lu/sighting/abf38f49-23b4-481c-8ade-0922d08e8119/export 2026-05-30T05:14:53.161712+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "abf38f49-23b4-481c-8ade-0922d08e8119", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23899", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7gvdhfd2r", "content": "", "creation_timestamp": "2025-01-16T21:19:33.848909Z"} 2025-01-16T21:19:33.848909+00:00 https://vulnerability.circl.lu/sighting/e53b3af4-4418-4558-9fa2-81850bbadd25/export 2026-05-30T05:14:53.161603+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "e53b3af4-4418-4558-9fa2-81850bbadd25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23891", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2217", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23891\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vincent Loy Yet Another Countdown allows DOM-Based XSS.This issue affects Yet Another Countdown: from n/a through 1.0.1.\n\ud83d\udccf Published: 2025-01-16T20:07:41.466Z\n\ud83d\udccf Modified: 2025-01-17T21:51:02.043Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/yacp/vulnerability/wordpress-yet-another-countdown-plugin-plugin-1-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-17T21:56:51.000000Z"} 2025-01-17T21:56:51+00:00 https://vulnerability.circl.lu/sighting/a00861b2-23f3-4842-b831-acdff1e700e4/export 2026-05-30T05:14:53.161486+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "a00861b2-23f3-4842-b831-acdff1e700e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23892", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2249", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23892\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Furr and Simon Ward Progress Tracker allows DOM-Based XSS.This issue affects Progress Tracker: from n/a through 0.9.3.\n\ud83d\udccf Published: 2025-01-16T20:07:40.234Z\n\ud83d\udccf Modified: 2025-01-17T21:52:58.506Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/progress-tracker/vulnerability/wordpress-progress-tracker-plugin-0-9-3-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-17T22:57:19.000000Z"} 2025-01-17T22:57:19+00:00 https://vulnerability.circl.lu/sighting/ddc3af37-3272-4869-b555-db911b1dca35/export 2026-05-30T05:14:53.161387+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "ddc3af37-3272-4869-b555-db911b1dca35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23894", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lggbsirukn2c", "content": "", "creation_timestamp": "2025-01-23T16:17:06.354720Z"} 2025-01-23T16:17:06.354720+00:00 https://vulnerability.circl.lu/sighting/85b9a479-5e2d-45fb-af3d-0bf6b6dfb2b2/export 2026-05-30T05:14:53.161282+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "85b9a479-5e2d-45fb-af3d-0bf6b6dfb2b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23894", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lggdwfrpbh2q", "content": "", "creation_timestamp": "2025-01-23T16:55:12.153032Z"} 2025-01-23T16:55:12.153032+00:00 https://vulnerability.circl.lu/sighting/2d275c7e-8778-415c-8223-2a7c377306ef/export 2026-05-30T05:14:53.161138+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "2d275c7e-8778-415c-8223-2a7c377306ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23894", "type": "seen", "source": "https://t.me/cvedetector/16190", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-23894 - Tatsuya Fukata, Alexander Ovsov wp-flickr-press Cross-site Scripting\", \n \"Content\": \"CVE ID : CVE-2025-23894 \nPublished : Jan. 23, 2025, 4:15 p.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tatsuya Fukata, Alexander Ovsov wp-flickr-press allows Reflected XSS. This issue affects wp-flickr-press: from n/a through 2.6.4. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-23T18:18:43.000000Z"} 2025-01-23T18:18:43+00:00 https://vulnerability.circl.lu/sighting/9e1c2a84-1f38-4a28-8414-235b1ca39c99/export 2026-05-30T05:14:53.158342+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "9e1c2a84-1f38-4a28-8414-235b1ca39c99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2389", "type": "seen", "source": "https://t.me/cvedetector/20502", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2389 - Code-projects Blood Bank Management System SQL Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2389 \nPublished : March 17, 2025, 7:15 p.m. | 49\u00a0minutes ago \nDescription : A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_city.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T21:39:28.000000Z"} 2025-03-17T21:39:28+00:00