https://vulnerability.circl.lu/sightings/feed 2026-06-05T22:00:03.191343+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/57b6d1d5-adb7-4415-a64d-4e66b0e0cba3/export 2026-06-05T22:00:03.523909+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "57b6d1d5-adb7-4415-a64d-4e66b0e0cba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35476", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/267", "content": "CVE-2020-35476 OpenTSDB 2.4.0 \u9060\u7a0b\u4ee3\u78bc\u57f7\u884c\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2020-35476_OpenTSDB_2.4.0_%E9%81%A0%E7%A8%8B%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-04-27T09:04:52.000000Z"} 2021-04-27T09:04:52+00:00 https://vulnerability.circl.lu/sighting/c5c9b345-596b-4fa1-96db-8e32da44b1ef/export 2026-06-05T22:00:03.523836+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "c5c9b345-596b-4fa1-96db-8e32da44b1ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35473", "type": "seen", "source": "https://t.me/cibsecurity/52620", "content": "\u203c CVE-2020-35473 \u203c\n\nAn information leakage vulnerability in the Bluetooth Low Energy advertisement scan response in Bluetooth Core Specifications 4.0 through 5.2, and extended scan response in Bluetooth Core Specifications 5.0 through 5.2, may be used to identify devices using Resolvable Private Addressing (RPA) by their response or non-response to specific scan requests from remote addresses. RPAs that have been associated with a specific remote device may also be used to identify a peer in the same manner by using its reaction to an active scan request. This has also been called an allowlist-based side channel.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-08T12:35:00.000000Z"} 2022-11-08T12:35:00+00:00 https://vulnerability.circl.lu/sighting/5eaa516e-771c-4fa8-a672-115930e60b95/export 2026-06-05T22:00:03.523768+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "5eaa516e-771c-4fa8-a672-115930e60b95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35476", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/opentsdb_yrange_cmd_injection.rb", "content": "", "creation_timestamp": "2022-12-23T14:46:09.000000Z"} 2022-12-23T14:46:09+00:00 https://vulnerability.circl.lu/sighting/2e8976d7-816d-4eaf-b2af-1238bc51d174/export 2026-06-05T22:00:03.523693+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "2e8976d7-816d-4eaf-b2af-1238bc51d174", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35476", "type": "seen", "source": "https://t.me/cibsecurity/63240", "content": "\u203c CVE-2023-25826 \u203c\n\nDue to insufficient validation of parameters passed to the legacy HTTP query API, it is possible to inject crafted OS commands into multiple parameters and execute malicious code on the OpenTSDB host system. This exploit exists due to an incomplete fix that was made when this vulnerability was previously disclosed as CVE-2020-35476. Regex validation that was implemented to restrict allowed input to the query API does not work as intended, allowing crafted commands to bypass validation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T22:31:09.000000Z"} 2023-05-03T22:31:09+00:00 https://vulnerability.circl.lu/sighting/8664cdb7-2538-4f5a-900a-aa7f2db14a44/export 2026-06-05T22:00:03.523615+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "8664cdb7-2538-4f5a-900a-aa7f2db14a44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35476", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/995", "content": "CVE-2020-35476 \n\nget\n /q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=[33:system(%27cat /etc%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json\"\n\n#poc", "creation_timestamp": "2023-11-03T05:29:56.000000Z"} 2023-11-03T05:29:56+00:00 https://vulnerability.circl.lu/sighting/722eeeb2-4f34-4f91-bc85-ffbb728894a0/export 2026-06-05T22:00:03.523537+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "722eeeb2-4f34-4f91-bc85-ffbb728894a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35476", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2611", "content": "#exploit\nCVE-2020-35476:\nOpenTSDB (Scalable Time Series DB) 2.4.0 - RCE\nhttps://github.com/OpenTSDB/opentsdb/issues/2051", "creation_timestamp": "2024-10-09T19:25:13.000000Z"} 2024-10-09T19:25:13+00:00 https://vulnerability.circl.lu/sighting/332dea69-c4cf-4308-9707-7583555b1cfd/export 2026-06-05T22:00:03.523464+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "332dea69-c4cf-4308-9707-7583555b1cfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35476", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"} 2025-02-06T03:13:44+00:00 https://vulnerability.circl.lu/sighting/83d95242-4109-4304-9e61-e1067d98d8a7/export 2026-06-05T22:00:03.523383+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "83d95242-4109-4304-9e61-e1067d98d8a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35476", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:28.000000Z"} 2025-02-23T04:10:28+00:00 https://vulnerability.circl.lu/sighting/66a7712b-b461-42fa-a109-c5dfbcf85a11/export 2026-06-05T22:00:03.523280+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "66a7712b-b461-42fa-a109-c5dfbcf85a11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35476", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-18)", "content": "", "creation_timestamp": "2025-05-18T00:00:00.000000Z"} 2025-05-18T00:00:00+00:00 https://vulnerability.circl.lu/sighting/d5680ea5-f87b-45ef-9b0b-cfb897cd43a2/export 2026-06-05T22:00:03.521572+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "d5680ea5-f87b-45ef-9b0b-cfb897cd43a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35476", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-08)", "content": "", "creation_timestamp": "2026-02-08T00:00:00.000000Z"} 2026-02-08T00:00:00+00:00