<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-09T08:03:32.153575+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/351e8e05-c800-4917-abc3-2358a1633bd1/export</id>
    <title>351e8e05-c800-4917-abc3-2358a1633bd1</title>
    <updated>2026-07-09T08:03:32.171942+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "351e8e05-c800-4917-abc3-2358a1633bd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/351e8e05-c800-4917-abc3-2358a1633bd1/export"/>
    <published>2025-10-23T21:13:01+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c2b74715-a106-4e1b-bd2a-e907ba7e5735/export</id>
    <title>c2b74715-a106-4e1b-bd2a-e907ba7e5735</title>
    <updated>2026-07-09T08:03:32.174187+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c2b74715-a106-4e1b-bd2a-e907ba7e5735", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:55.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c2b74715-a106-4e1b-bd2a-e907ba7e5735/export"/>
    <published>2025-02-23T04:10:55+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/71d7c2f9-b1b7-457a-98ea-05a91d00ac7f/export</id>
    <title>71d7c2f9-b1b7-457a-98ea-05a91d00ac7f</title>
    <updated>2026-07-09T08:03:32.174300+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "71d7c2f9-b1b7-457a-98ea-05a91d00ac7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/71d7c2f9-b1b7-457a-98ea-05a91d00ac7f/export"/>
    <published>2025-02-06T03:13:46+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0420520c-5c61-4e90-b092-1492cec9b48d/export</id>
    <title>0420520c-5c61-4e90-b092-1492cec9b48d</title>
    <updated>2026-07-09T08:03:32.174388+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0420520c-5c61-4e90-b092-1492cec9b48d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3201", "content": "Hackers Factory \n\nA collection of resources for linux reverse engineering\n\nhttps://github.com/michalmalik/linux-re-101\n\nA tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nA tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.\n\nhttps://github.com/ShorSec/ShadowSpray\n\nEXP for CVE-2023-28434 MinIO unauthorized to RCE\n\nhttps://github.com/AbelChe/evil_minio\n\nThis is a Proof of Concept (PoC) for CVE-2023-3244, a vulnerability in comment-like-dislike. The PoC demonstrates the exploitability of this vulnerability and serves as a reference for security researchers and developers to better understand and mitigate the risk associated with this issue.\n\nhttps://github.com/drnull03/POC-CVE-2023-3244\n\nNextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix\n\nhttps://github.com/Nextdoor/cspm_evaluation_matrix\n\nMass Exploit - CVE-2023-1698 &amp;lt; Unauthenticated Remote Command Execution\n\nhttps://github.com/codeb0ss/CVE-2023-1698-PoC\n\nPassive subdomain continous monitoring tool\n\nhttps://github.com/e1abrador/sub.Monitor\n\nAn exploit for OpenTSDB &amp;lt;= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\n\nhttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\nA collection of awesome one-liners for bug bounty hunting.\n\nhttps://github.com/0xPugazh/One-Liners\n\nThis is a useful Python script for extracting bug bounty.\n\nhttps://github.com/St74nger/writeup-miner\n\nThis repository serves as a comprehensive collection of essential wordlists utilized by bug hunters, penetration testers, and security enthusiasts during their reconnaissance and vulnerability assessment processes.\n\nhttps://github.com/bhavesh-pardhi/Wordlist-Hub\n\nKQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules &amp;amp; Hunting Rules.\n\nhttps://github.com/Bert-JanP/Hunting-Queries-Detection-Rules\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-10-23T21:34:09.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0420520c-5c61-4e90-b092-1492cec9b48d/export"/>
    <published>2023-10-23T21:34:09+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/962fe49f-257e-4655-b7bf-a3bbdd7ccfbb/export</id>
    <title>962fe49f-257e-4655-b7bf-a3bbdd7ccfbb</title>
    <updated>2026-07-09T08:03:32.174485+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "962fe49f-257e-4655-b7bf-a3bbdd7ccfbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3187", "content": "Hackers Factory \n\nA fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests\n\nhttps://github.com/projectdiscovery/naabu\n\nA collection of phishing samples for researchers and detection developers.\n\nhttps://github.com/rf-peixoto/phishing_pot\n\nPassive subdomain continous monitoring tool.\n\nhttps://github.com/e1abrador/sub.Monitor\n\nSecurity scanner for your Terraform code\n\nhttps://github.com/aquasecurity/tfsec\n\nDetect and remediate misconfigurations and security risks across all your GitHub and GitLab assets\n\nhttps://github.com/Legit-Labs/legitify\n\nStreamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script and open source tools.\n\nhttps://github.com/thecyberneh/scriptkiddi3\n\nUseful resources for SOC Analyst and SOC Analyst candidates.\n\nhttps://github.com/LetsDefend/awesome-soc-analyst\n\nXML-RPC Vulnerability Checker and Directory Fuzzer\n\nhttps://github.com/MINAD0/XML-RPC-Check\n\nA Python-based tool to detect the CVE-2023-30943 vulnerability in Moodle, which allows unauthorized folder creation via specially crafted requests in TinyMCE loaders.\n\nhttps://github.com/Chocapikk/CVE-2023-30943\n\nAn exploit for OpenTSDB &amp;lt;= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\n\nhttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\nNotepad++ heap buffer overflow vulnerability CVE-2023-40031 analysis and reproduction\n\nhttps://github.com/webraybtl/CVE-2023-40031\n\nPMP-Decrypter. This is a tool to decrypt the encrypted password strings in \"Patch My PC\"\n\nhttps://github.com/LuemmelSec/PMP-Decrypter\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-10T12:01:22.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/962fe49f-257e-4655-b7bf-a3bbdd7ccfbb/export"/>
    <published>2023-09-10T12:01:22+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b3ca7d8a-a434-49dd-9b17-806f4a68a02d/export</id>
    <title>b3ca7d8a-a434-49dd-9b17-806f4a68a02d</title>
    <updated>2026-07-09T08:03:32.174589+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b3ca7d8a-a434-49dd-9b17-806f4a68a02d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/opentsdb_key_cmd_injection.rb", "content": "", "creation_timestamp": "2023-09-08T16:06:04.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b3ca7d8a-a434-49dd-9b17-806f4a68a02d/export"/>
    <published>2023-09-08T16:06:04+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7975cb88-5e6c-4e20-9ed7-6fa40d799da8/export</id>
    <title>7975cb88-5e6c-4e20-9ed7-6fa40d799da8</title>
    <updated>2026-07-09T08:03:32.174670+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7975cb88-5e6c-4e20-9ed7-6fa40d799da8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5101", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aAn exploit for OpenTSDB &amp;lt;= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\nURL\uff1ahttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-07T14:30:28.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7975cb88-5e6c-4e20-9ed7-6fa40d799da8/export"/>
    <published>2023-09-07T14:30:28+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/85183073-aa8c-44bd-8734-9f299655174c/export</id>
    <title>85183073-aa8c-44bd-8734-9f299655174c</title>
    <updated>2026-07-09T08:03:32.174752+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "85183073-aa8c-44bd-8734-9f299655174c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36811", "type": "seen", "source": "https://t.me/cibsecurity/69481", "content": "\u203c CVE-2023-36811 \u203c\n\nborgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an attacker to be able to: 1. insert files (with no additional headers) into backups and 2. gain write access to the repository. This vulnerability does not disclose plaintext to the attacker, nor does it affect the authenticity of existing archives. Creating plausible fake archives may be feasible for empty or small archives, but is unlikely for large archives. The issue has been fixed in borgbackup 1.2.5. Users are advised to upgrade. Additionally to installing the fixed code, users must follow the upgrade procedure as documented in the change log. Data loss after being attacked can be avoided by reviewing the archives (timestamp and contents valid and as expected) after any \"borg check --repair\" and before \"borg prune\". There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-30T22:12:19.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/85183073-aa8c-44bd-8734-9f299655174c/export"/>
    <published>2023-08-30T22:12:19+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/af30823d-3cc4-46dc-a8d1-fc8e545a4ef2/export</id>
    <title>af30823d-3cc4-46dc-a8d1-fc8e545a4ef2</title>
    <updated>2026-07-09T08:03:32.174843+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "af30823d-3cc4-46dc-a8d1-fc8e545a4ef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36818", "type": "seen", "source": "https://t.me/cibsecurity/66763", "content": "\u203c CVE-2023-36818 \u203c\n\nDiscourse is an open source discussion platform. In affected versions a request to create or update custom sidebar section can cause a denial of service. This issue has been patched in commit `52b003d915`. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-15T02:22:41.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/af30823d-3cc4-46dc-a8d1-fc8e545a4ef2/export"/>
    <published>2023-07-15T02:22:41+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ef8e9708-32a0-4481-a142-acf7595293ab/export</id>
    <title>ef8e9708-32a0-4481-a142-acf7595293ab</title>
    <updated>2026-07-09T08:03:32.174924+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ef8e9708-32a0-4481-a142-acf7595293ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/hunter4good/196", "content": "https://twitter.com/HunterMapping/status/1676168986189340672\n\ud83d\udea8Alert\ud83d\udea8 CVE-2023-36812 #OpenTSDB #RCE vulnerability\n\n\ud83d\udcce https://hunter.how/list?searchValue=favicon_hash%3D%227f4338a0648aaefcdb73240e8420387b%22\n\n1\u20e3 FOFA: icon_hash=\"407286339\"\n2\u20e3 Shodan: http.favicon.hash:407286339\n\nRefer to: \nhttps://securityonline.info/cve-2023-36812-opentsdb-faces-high-risk-security-vulnerability/\nhttps://github.com/OpenTSDB/opentsdb/issues/2261", "creation_timestamp": "2023-07-04T12:53:30.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ef8e9708-32a0-4481-a142-acf7595293ab/export"/>
    <published>2023-07-04T12:53:30+00:00</published>
  </entry>
</feed>
