https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-06T16:17:55.956499+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/8b116c7e-cba5-4026-8c21-22c1b95258d8/export8b116c7e-cba5-4026-8c21-22c1b95258d82026-05-06T16:17:56.337305+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "8b116c7e-cba5-4026-8c21-22c1b95258d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2901", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9353", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2901\n\ud83d\udd25 CVSS Score: 4.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: A flaw was found in the JBoss EAP Management Console, where a stored Cross-site scripting vulnerability occurs when an application improperly sanitizes user input before storing it in a data store. When this stored data is later included in web pages without adequate sanitization, malicious scripts can execute in the context of users who view these pages, leading to potential data theft, session hijacking, or other malicious activities.\n\ud83d\udccf Published: 2025-03-28T14:06:58.940Z\n\ud83d\udccf Modified: 2025-03-28T14:06:58.940Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2025-2901\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2355685", "creation_timestamp": "2025-03-28T14:27:36.000000Z"}2025-03-28T14:27:36+00:00https://vulnerability.circl.lu/sighting/270e1952-13f7-4b49-aa73-62ea67ceb4c4/export270e1952-13f7-4b49-aa73-62ea67ceb4c42026-05-06T16:17:56.337240+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "270e1952-13f7-4b49-aa73-62ea67ceb4c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29018", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmg5v2zs7r2r", "content": "", "creation_timestamp": "2025-04-09T23:38:08.826961Z"}2025-04-09T23:38:08.826961+00:00https://vulnerability.circl.lu/sighting/b2094e1a-649a-4fb9-a0ea-6d11f7d20973/exportb2094e1a-649a-4fb9-a0ea-6d11f7d209732026-05-06T16:17:56.337150+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "b2094e1a-649a-4fb9-a0ea-6d11f7d20973", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29018", "type": "seen", "source": "https://t.me/cvedetector/22606", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-29018 - Code Astro Internet Banking System Stored XSS\", \n \"Content\": \"CVE ID : CVE-2025-29018 \nPublished : April 9, 2025, 9:16 p.m. | 1\u00a0hour, 27\u00a0minutes ago \nDescription : A Stored Cross-Site Scripting (XSS) vulnerability exists in the name parameter of pages_add_acc_type.php in Code Astro Internet Banking System 2.0.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"10 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T01:08:41.000000Z"}2025-04-10T01:08:41+00:00https://vulnerability.circl.lu/sighting/ce3d5286-497b-4616-9d09-24367cea7639/exportce3d5286-497b-4616-9d09-24367cea76392026-05-06T16:17:56.337088+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "ce3d5286-497b-4616-9d09-24367cea7639", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29017", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmhta4i52q2z", "content": "", "creation_timestamp": "2025-04-10T15:32:50.646525Z"}2025-04-10T15:32:50.646525+00:00https://vulnerability.circl.lu/sighting/33bfdb94-3f71-427f-9ed7-a6211d4eafb8/export33bfdb94-3f71-427f-9ed7-a6211d4eafb82026-05-06T16:17:56.337008+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "33bfdb94-3f71-427f-9ed7-a6211d4eafb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29017", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114314923498215670", "content": "", "creation_timestamp": "2025-04-10T17:48:27.947712Z"}2025-04-10T17:48:27.947712+00:00https://vulnerability.circl.lu/sighting/11f6158a-1fe6-444c-943c-de8dd13bcbb9/export11f6158a-1fe6-444c-943c-de8dd13bcbb92026-05-06T16:17:56.336934+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "11f6158a-1fe6-444c-943c-de8dd13bcbb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29017", "type": "seen", "source": "https://t.me/cvedetector/22658", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-29017 - Code Astro Internet Banking System RCE File Upload Validation Bypass\", \n \"Content\": \"CVE ID : CVE-2025-29017 \nPublished : April 10, 2025, 2:15 p.m. | 1\u00a0hour, 3\u00a0minutes ago \nDescription : A Remote Code Execution (RCE) vulnerability exists in Code Astro Internet Banking System 2.0.0 due to improper file upload validation in the profile_pic parameter within pages_view_client.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"10 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T17:52:07.000000Z"}2025-04-10T17:52:07+00:00https://vulnerability.circl.lu/sighting/7dcb72eb-eebf-4ba0-90d3-6916680cc8c1/export7dcb72eb-eebf-4ba0-90d3-6916680cc8c12026-05-06T16:17:56.336853+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "7dcb72eb-eebf-4ba0-90d3-6916680cc8c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29015", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12218", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29015\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Code Astro Internet Banking System 2.0.0 is vulnerable to Cross Site Scripting (XSS) via the name parameter in /admin/pages_account.php.\n\ud83d\udccf Published: 2025-04-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T13:47:25.631Z\n\ud83d\udd17 References:\n1. https://www.cvedetails.com/vulnerability-list/opxss-1/cross-site-scripting.html\n2. https://github.com/b1tm4r/CVE-2025-29015", "creation_timestamp": "2025-04-17T13:57:46.000000Z"}2025-04-17T13:57:46+00:00https://vulnerability.circl.lu/sighting/132d7a58-6388-4f84-a76c-c3e81e7d21a4/export132d7a58-6388-4f84-a76c-c3e81e7d21a42026-05-06T16:17:56.336761+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "132d7a58-6388-4f84-a76c-c3e81e7d21a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29015", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmze2j6t4t2l", "content": "", "creation_timestamp": "2025-04-17T14:49:11.035821Z"}2025-04-17T14:49:11.035821+00:00https://vulnerability.circl.lu/sighting/b76f5361-0551-422a-92f1-2b1e18d90340/exportb76f5361-0551-422a-92f1-2b1e18d903402026-05-06T16:17:56.334265+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "b76f5361-0551-422a-92f1-2b1e18d90340", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29015", "type": "seen", "source": "https://t.me/cvedetector/23243", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-29015 - Code Astro Internet Banking System Cross Site Scripting (XSS)\", \n \"Content\": \"CVE ID : CVE-2025-29015 \nPublished : April 17, 2025, 2:15 p.m. | 2\u00a0hours, 3\u00a0minutes ago \nDescription : Code Astro Internet Banking System 2.0.0 is vulnerable to Cross Site Scripting (XSS) via the name parameter in /admin/pages_account.php. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T18:49:57.000000Z"}2025-04-17T18:49:57+00:00