Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-05-05T01:36:26.499819+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/a4445a1b-541e-4357-81eb-d2e55450688f/export a4445a1b-541e-4357-81eb-d2e55450688f 2026-05-05T01:36:26.685889+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "a4445a1b-541e-4357-81eb-d2e55450688f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25620", "type": "seen", "source": "https://t.me/cvedetector/19970", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-25620 - Unifiedtransform XSS in Create Assignment Function\", \n \"Content\": \"CVE ID : CVE-2025-25620 \nPublished : March 10, 2025, 3:15 p.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : Unifiedtransform 2.0 is vulnerable to Cross Site Scripting (XSS) in the Create assignment function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"10 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-10T19:02:37.000000Z"} 2025-03-10T19:02:37+00:00 https://vulnerability.circl.lu/sighting/7b570633-e298-48b8-8ad7-c08f2ba6c741/export 7b570633-e298-48b8-8ad7-c08f2ba6c741 2026-05-05T01:36:26.685795+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "7b570633-e298-48b8-8ad7-c08f2ba6c741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25620", "type": "seen", "source": "Telegram/Emr1ciIzaHHWcrPN1jw-fZ_xbG876xawTM79_wNMb0P0OljN", "content": "", "creation_timestamp": "2025-03-10T19:39:06.000000Z"} 2025-03-10T19:39:06+00:00 https://vulnerability.circl.lu/sighting/bf0a8142-85ee-4d23-8c5f-ab1aa6192a3f/export bf0a8142-85ee-4d23-8c5f-ab1aa6192a3f 2026-05-05T01:36:26.685688+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "bf0a8142-85ee-4d23-8c5f-ab1aa6192a3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25625", "type": "seen", "source": "https://t.me/cvedetector/20218", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-25625 - FS Inc S3150 8T2F Switch Stored Cross-Site Scripting (XSS) Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-25625 \nPublished : March 13, 2025, 3:15 p.m. | 41\u00a0minutes ago \nDescription : FS Inc S3150 8T2F Switch s3150-8t2f-switch-fsos-220d_118101 has a stored cross-site scripting (XSS) vulnerability in the web management interface. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"13 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-13T17:17:23.000000Z"} 2025-03-13T17:17:23+00:00 https://vulnerability.circl.lu/sighting/e33b2fef-d561-438b-bbcd-f6ca5c711883/export e33b2fef-d561-438b-bbcd-f6ca5c711883 2026-05-05T01:36:26.685582+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "e33b2fef-d561-438b-bbcd-f6ca5c711883", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25621", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7783", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25621\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows teachers to take attendance of fellow teachers. This affected endpoint is /courses/teacher/index?teacher_id=2&semester_id=1.\n\ud83d\udccf Published: 2025-03-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-17T14:21:45.846Z\n\ud83d\udd17 References:\n1. https://github.com/changeweb/Unifiedtransform\n2. https://github.com/armaansidana2003/CVE-2025-25621", "creation_timestamp": "2025-03-17T14:52:15.000000Z"} 2025-03-17T14:52:15+00:00 https://vulnerability.circl.lu/sighting/045ca390-0344-4348-a5b5-06424e1de8fb/export 045ca390-0344-4348-a5b5-06424e1de8fb 2026-05-05T01:36:26.685467+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "045ca390-0344-4348-a5b5-06424e1de8fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25621", "type": "seen", "source": "https://t.me/cvedetector/20471", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-25621 - Unifiedtransform Unsecured Teacher Attendance Access\", \n \"Content\": \"CVE ID : CVE-2025-25621 \nPublished : March 17, 2025, 3:15 p.m. | 33\u00a0minutes ago \nDescription : Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows teachers to take attendance of fellow teachers. This affected endpoint is /courses/teacher/index?teacher_id=2&semester_id=1. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T17:28:00.000000Z"} 2025-03-17T17:28:00+00:00 https://vulnerability.circl.lu/sighting/84cf86b6-79d6-44bb-a15c-4edb07f4b5ed/export 84cf86b6-79d6-44bb-a15c-4edb07f4b5ed 2026-05-05T01:36:26.685359+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "84cf86b6-79d6-44bb-a15c-4edb07f4b5ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25621", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lklphuidgl2m", "content": "", "creation_timestamp": "2025-03-17T17:45:52.582895Z"} 2025-03-17T17:45:52.582895+00:00 https://vulnerability.circl.lu/sighting/61defe13-8b10-409c-a124-092669a6a141/export 61defe13-8b10-409c-a124-092669a6a141 2026-05-05T01:36:26.685249+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "61defe13-8b10-409c-a124-092669a6a141", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25625", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7946", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25625\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A stored cross-site scripting vulnerability exists in FS model S3150-8T2F switches running firmware s3150-8t2f-switch-fsos-220d_118101 and web firmware v2.2.2, which allows an authenticated web interface user to bypass input filtering on user names, and stores un-sanitized HTML and Javascript on the device. Pages which then present the user name without encoding special characters will then cause the injected code to be parsed by the browsers of other users accessing the web interface.\n\ud83d\udccf Published: 2025-03-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T16:48:28.206Z\n\ud83d\udd17 References:\n1. https://github.com/whitewhale-dmb/Vulnerability-Research/tree/main/CVE-2025-25625", "creation_timestamp": "2025-03-18T17:48:43.000000Z"} 2025-03-18T17:48:43+00:00 https://vulnerability.circl.lu/sighting/29df056d-e2e3-4c90-aa2d-82427c0aab4f/export 29df056d-e2e3-4c90-aa2d-82427c0aab4f 2026-05-05T01:36:26.685132+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "29df056d-e2e3-4c90-aa2d-82427c0aab4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2562", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8916", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2562\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via the use of the autotyping functionality.\n\n\n\n\n\n\n\nThis issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29.\n\ud83d\udccf Published: 2025-03-26T17:24:37.280Z\n\ud83d\udccf Modified: 2025-03-26T18:18:25.425Z\n\ud83d\udd17 References:\n1. https://devolutions.net/security/advisories/DEVO-2025-0005/", "creation_timestamp": "2025-03-26T18:25:22.000000Z"} 2025-03-26T18:25:22+00:00 https://vulnerability.circl.lu/sighting/51e722a1-64cb-4ea5-ab26-f15e52dd9dc5/export 51e722a1-64cb-4ea5-ab26-f15e52dd9dc5 2026-05-05T01:36:26.684973+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "51e722a1-64cb-4ea5-ab26-f15e52dd9dc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2562", "type": "seen", "source": "https://t.me/cvedetector/21205", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2562 - Devolutions Remote Desktop Manager Inadequate Logging in Autotyping Feature\", \n \"Content\": \"CVE ID : CVE-2025-2562 \nPublished : March 26, 2025, 6:15 p.m. | 31\u00a0minutes ago \nDescription : Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via the use of the autotyping functionality. \n \n \n \n \n \n \n \nThis issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"26 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T20:34:50.000000Z"} 2025-03-26T20:34:50+00:00 https://vulnerability.circl.lu/sighting/8fdeaca0-3b26-4a5d-bed4-5f2efedf8740/export 8fdeaca0-3b26-4a5d-bed4-5f2efedf8740 2026-05-05T01:36:26.682331+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "8fdeaca0-3b26-4a5d-bed4-5f2efedf8740", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25621", "type": "seen", "source": "MISP/fc16b923-3a13-4e9d-9aac-10a57cac12c7", "content": "", "creation_timestamp": "2025-08-18T18:30:59.000000Z"} 2025-08-18T18:30:59+00:00