Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-05-10T13:34:33.110439+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/a1ea5fdf-54ee-4926-96f7-ae81f9fcb9a3/export a1ea5fdf-54ee-4926-96f7-ae81f9fcb9a3 2026-05-10T13:34:33.501241+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "a1ea5fdf-54ee-4926-96f7-ae81f9fcb9a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4933", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16842", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4933\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, was found in ponaravindb Hospital-Management-System 1.0. This affects an unknown part of the file /doctor-panel.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-19T13:00:07.934Z\n\ud83d\udccf Modified: 2025-05-19T13:00:07.934Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.309495\n2. https://vuldb.com/?ctiid.309495\n3. https://vuldb.com/?submit.579678\n4. https://github.com/zylv0002/SQLi-ponaravindb-HMS", "creation_timestamp": "2025-05-19T13:39:26.000000Z"} 2025-05-19T13:39:26+00:00 https://vulnerability.circl.lu/sighting/fc764ee0-cc40-437f-a0c6-bc57f4543f76/export fc764ee0-cc40-437f-a0c6-bc57f4543f76 2026-05-10T13:34:33.501163+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "fc764ee0-cc40-437f-a0c6-bc57f4543f76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49331", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3lrsstpo6as23", "content": "", "creation_timestamp": "2025-06-17T15:31:06.159234Z"} 2025-06-17T15:31:06.159234+00:00 https://vulnerability.circl.lu/sighting/6f71ffd5-a8c6-46ba-af73-0f37d4369d67/export 6f71ffd5-a8c6-46ba-af73-0f37d4369d67 2026-05-10T13:34:33.501079+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "6f71ffd5-a8c6-46ba-af73-0f37d4369d67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49331", "type": "seen", "source": "Telegram/-G7yge5OO_PwalQgUT4aKwTAwYlFDeFB7_c6hZGGGT8IukU", "content": "", "creation_timestamp": "2025-06-17T16:18:10.000000Z"} 2025-06-17T16:18:10+00:00 https://vulnerability.circl.lu/sighting/099d43b7-4f01-42ac-821a-785eb1c61cdb/export 099d43b7-4f01-42ac-821a-785eb1c61cdb 2026-05-10T13:34:33.500977+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "099d43b7-4f01-42ac-821a-785eb1c61cdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49330", "type": "seen", "source": "Telegram/-G7yge5OO_PwalQgUT4aKwTAwYlFDeFB7_c6hZGGGT8IukU", "content": "", "creation_timestamp": "2025-06-17T16:18:10.000000Z"} 2025-06-17T16:18:10+00:00 https://vulnerability.circl.lu/sighting/ae835de8-fd30-4558-bdcb-d80c6b636e21/export ae835de8-fd30-4558-bdcb-d80c6b636e21 2026-05-10T13:34:33.500886+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "ae835de8-fd30-4558-bdcb-d80c6b636e21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49330", "type": "seen", "source": "Telegram/PD7za3Z_IQKuOVsDqz1Mapzzmy3mNuoA2PwtCv7Di4_BOiE", "content": "", "creation_timestamp": "2025-06-17T16:18:16.000000Z"} 2025-06-17T16:18:16+00:00 https://vulnerability.circl.lu/sighting/cc28c64c-4e73-460f-8afd-b7e626fd053a/export cc28c64c-4e73-460f-8afd-b7e626fd053a 2026-05-10T13:34:33.500748+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "cc28c64c-4e73-460f-8afd-b7e626fd053a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49331", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18952", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49331\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Deserialization of Untrusted Data vulnerability in impleCode eCommerce Product Catalog allows Object Injection. This issue affects eCommerce Product Catalog: from n/a through 3.4.3.\n\ud83d\udccf Published: 2025-06-17T15:01:22.874Z\n\ud83d\udccf Modified: 2025-06-20T13:13:22.955Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/ecommerce-product-catalog/vulnerability/wordpress-ecommerce-product-catalog-3-4-3-php-object-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-20T13:43:12.000000Z"} 2025-06-20T13:43:12+00:00 https://vulnerability.circl.lu/sighting/21728e87-9818-4619-832c-5730b8ff5d86/export 21728e87-9818-4619-832c-5730b8ff5d86 2026-05-10T13:34:33.497957+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "21728e87-9818-4619-832c-5730b8ff5d86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49330", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18953", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49330\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Deserialization of Untrusted Data vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin allows Object Injection. This issue affects Integration for Contact Form 7 and Zoho CRM, Bigin: from n/a through 1.3.0.\n\ud83d\udccf Published: 2025-06-17T15:01:23.343Z\n\ud83d\udccf Modified: 2025-06-20T13:13:17.417Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/cf7-zoho/vulnerability/wordpress-integration-for-contact-form-7-and-zoho-crm-bigin-1-3-0-php-object-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-20T13:43:13.000000Z"} 2025-06-20T13:43:13+00:00