https://vulnerability.circl.lu/sightings/feed 2026-05-10T12:56:06.259399+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/e2f1adde-40ca-4586-8eb6-03108c4afa75/export 2026-05-10T12:56:06.626033+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "e2f1adde-40ca-4586-8eb6-03108c4afa75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52969", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19244", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52969\n\ud83d\udd25 CVSS Score: 2.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N)\n\ud83d\udd39 Description: ClickHouse 25.7.1.557 allows low-privileged users to execute shell commands by querying existing Executable() tables created by higher-privileged users. Although the CREATE TABLE privilege is restricted, there is no access control preventing low-privileged users from invoking Executable tables already present in the system. If an attacker can influence the contents of the script referenced by the Executable() engine through writable paths, they may execute controlled commands in the context of the ClickHouse server, leading to privilege escalation and unauthorized code execution. NOTE: the Supplier's position is that these types of executions by low-privileged users are the expected behavior.\n\ud83d\udccf Published: 2025-06-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-23T16:48:38.456Z\n\ud83d\udd17 References:\n1. https://github.com/skraft9/clickhouse-security-research", "creation_timestamp": "2025-06-23T17:45:32.000000Z"} 2025-06-23T17:45:32+00:00