Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-24T22:53:45.808707+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/bc52bb03-86f9-4554-ad0a-2a2a76ef887d/export bc52bb03-86f9-4554-ad0a-2a2a76ef887d 2026-06-24T22:53:45.828383+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "bc52bb03-86f9-4554-ad0a-2a2a76ef887d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27137", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lhdtaj5dbn25", "content": "", "creation_timestamp": "2025-02-04T10:16:22.540124Z"} 2025-02-04T10:16:22.540124+00:00 https://vulnerability.circl.lu/sighting/10767446-e446-468e-8424-be18af92d096/export 10767446-e446-468e-8424-be18af92d096 2026-06-24T22:53:45.828313+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "10767446-e446-468e-8424-be18af92d096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27137", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113945143877511790", "content": "", "creation_timestamp": "2025-02-04T10:28:35.752029Z"} 2025-02-04T10:28:35.752029+00:00 https://vulnerability.circl.lu/sighting/1b9a7b92-7a35-4a1e-a399-66d3611feed4/export 1b9a7b92-7a35-4a1e-a399-66d3611feed4 2026-06-24T22:53:45.828245+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "1b9a7b92-7a35-4a1e-a399-66d3611feed4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27137", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhdwkid5ny2r", "content": "", "creation_timestamp": "2025-02-04T11:15:38.858346Z"} 2025-02-04T11:15:38.858346+00:00 https://vulnerability.circl.lu/sighting/54493888-c3ff-4c17-bca2-0a2001636da6/export 54493888-c3ff-4c17-bca2-0a2001636da6 2026-06-24T22:53:45.828175+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "54493888-c3ff-4c17-bca2-0a2001636da6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27137", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113946004774033626", "content": "", "creation_timestamp": "2025-02-04T14:07:31.957025Z"} 2025-02-04T14:07:31.957025+00:00 https://vulnerability.circl.lu/sighting/65cbd5a7-143e-440e-98e3-434d9f229871/export 65cbd5a7-143e-440e-98e3-434d9f229871 2026-06-24T22:53:45.828104+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "65cbd5a7-143e-440e-98e3-434d9f229871", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27137", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lheaqvui7t2g", "content": "", "creation_timestamp": "2025-02-04T14:18:11.926559Z"} 2025-02-04T14:18:11.926559+00:00 https://vulnerability.circl.lu/sighting/a1a5ee39-ca9f-4699-8d76-1bf6d7678324/export a1a5ee39-ca9f-4699-8d76-1bf6d7678324 2026-06-24T22:53:45.828020+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "a1a5ee39-ca9f-4699-8d76-1bf6d7678324", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27137", "type": "seen", "source": "https://t.me/cvedetector/17186", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-27137 - Apache Cassandra RMI Registry Man-in-the-Middle Authentication Bypass\", \n \"Content\": \"CVE ID : CVE-2024-27137 \nPublished : Feb. 4, 2025, 11:15 a.m. | 1\u00a0hour, 48\u00a0minutes ago \nDescription : In Apache Cassandra it is possible for a local attacker without access \n to the Apache Cassandra process or configuration files to manipulate \nthe RMI registry to perform a man-in-the-middle attack and capture user \nnames and passwords used to access the JMX interface. The attacker can \nthen use these credentials to access the JMX interface and perform \nunauthorized operations. \n \n \nThis is same vulnerability that CVE-2020-13946 was issued for, but the Java option was changed in JDK10. \n \n \nThis issue affects Apache Cassandra from 4.0.2 through 5.0.2 running Java 11. \n \n \nOperators are recommended to upgrade to a release equal to or later than 4.0.15, 4.1.8, or 5.0.3 which fixes the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-04T14:43:21.000000Z"} 2025-02-04T14:43:21+00:00 https://vulnerability.circl.lu/sighting/a7aa7cef-850a-4360-bd77-3bfbe6b82f01/export a7aa7cef-850a-4360-bd77-3bfbe6b82f01 2026-06-24T22:53:45.827938+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "a7aa7cef-850a-4360-bd77-3bfbe6b82f01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27137", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3801", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-27137\n\ud83d\udd25 CVSS Score: 5.8 (CVSS_V3)\n\ud83d\udd39 Description: In Apache Cassandra it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and perform unauthorized operations.\n\nThis is same vulnerability that CVE-2020-13946 was issued for, but the Java option was changed in JDK10.\n\nThis issue affects Apache Cassandra from 4.0.2 through 5.0.2 running Java 11.\n\nOperators are recommended to upgrade to a release equal to or later than 4.0.15, 4.1.8, or 5.0.3 which fixes the issue.\n\ud83d\udccf Published: 2025-02-04T12:30:59Z\n\ud83d\udccf Modified: 2025-02-07T17:36:28Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-27137\n2. https://github.com/apache/cassandra\n3. https://lists.apache.org/thread/jsk87d9yv8r204mgqpz1qxtp5wcrpysm", "creation_timestamp": "2025-02-07T18:02:58.000000Z"} 2025-02-07T18:02:58+00:00 https://vulnerability.circl.lu/sighting/978b2a0b-3a8a-49e5-b4d6-bf6800e608d7/export 978b2a0b-3a8a-49e5-b4d6-bf6800e608d7 2026-06-24T22:53:45.827865+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "978b2a0b-3a8a-49e5-b4d6-bf6800e608d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2713", "type": "seen", "source": "Telegram/2VmeVn49VymdkVzFqrohAYwz2ISyxGjVxjZIIAjKLQ3Ia2bG", "content": "", "creation_timestamp": "2025-02-21T22:10:25.000000Z"} 2025-02-21T22:10:25+00:00 https://vulnerability.circl.lu/sighting/b239411a-7c6b-4e48-bed8-759e07820400/export b239411a-7c6b-4e48-bed8-759e07820400 2026-06-24T22:53:45.827643+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "b239411a-7c6b-4e48-bed8-759e07820400", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27136", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8246", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-27136\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: XSS in Upload page in Apache JSPWiki 2.12.1 and priors allows the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.12.2 or later. \n\ud83d\udccf Published: 2024-06-24T07:44:30.732Z\n\ud83d\udccf Modified: 2025-03-20T18:03:19.410Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/gfms8gbncqqkj52p861b8fnsypwsl1d5\n2. https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2024-27136", "creation_timestamp": "2025-03-20T18:20:42.000000Z"} 2025-03-20T18:20:42+00:00 https://vulnerability.circl.lu/sighting/bcb68ac6-0f80-4976-bc9c-5313db08af31/export bcb68ac6-0f80-4976-bc9c-5313db08af31 2026-06-24T22:53:45.824983+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "bcb68ac6-0f80-4976-bc9c-5313db08af31", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27130", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7c8cb8b0-e7da-4def-bef2-e2f6752b7ebd", "content": "", "creation_timestamp": "2026-06-23T14:06:10.154384Z"} 2026-06-23T14:06:10.154384+00:00