Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 10 May 2026 03:42:21 +0000 76224e4d-a21f-406c-a04d-6e73e2a05478 https://vulnerability.circl.lu/sighting/76224e4d-a21f-406c-a04d-6e73e2a05478/export {"uuid": "76224e4d-a21f-406c-a04d-6e73e2a05478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39676", "type": "seen", "source": "https://t.me/cvedetector/1554", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-39676 - Apache Pinot Sensitive Information Disclosure\", \n \"Content\": \"CVE ID : CVE-2024-39676 \nPublished : July 24, 2024, 8:15 a.m. | 27\u00a0minutes ago \nDescription : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Pinot. \n \nThis issue affects Apache Pinot: from 0.1 before 1.0.0. \n \nUsers are recommended to upgrade to version 1.0.0\u00a0and configure RBAC, which fixes the issue. \n \nDetails:\u00a0 \n \nWhen using a request to path \u201c/appconfigs\u201d to the controller, it can lead to the disclosure of sensitive information such as system information (e.g. arch, os version), environment information (e.g. maxHeapSize) and Pinot configurations (e.g. zookeeper path). This issue was addressed by the Role-based Access Control , so that /appConfigs` and all other APIs can be access controlled. Only authorized users have access to it. Note the user needs to add the admin role accordingly to the RBAC guide to control access to this endpoint, and in the future version of Pinot, a default admin role is planned to be added. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-24T10:47:53.000000Z"} {"uuid": "76224e4d-a21f-406c-a04d-6e73e2a05478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39676", "type": "seen", "source": "https://t.me/cvedetector/1554", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-39676 - Apache Pinot Sensitive Information Disclosure\", \n \"Content\": \"CVE ID : CVE-2024-39676 \nPublished : July 24, 2024, 8:15 a.m. | 27\u00a0minutes ago \nDescription : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Pinot. \n \nThis issue affects Apache Pinot: from 0.1 before 1.0.0. \n \nUsers are recommended to upgrade to version 1.0.0\u00a0and configure RBAC, which fixes the issue. \n \nDetails:\u00a0 \n \nWhen using a request to path \u201c/appconfigs\u201d to the controller, it can lead to the disclosure of sensitive information such as system information (e.g. arch, os version), environment information (e.g. maxHeapSize) and Pinot configurations (e.g. zookeeper path). This issue was addressed by the Role-based Access Control , so that /appConfigs` and all other APIs can be access controlled. Only authorized users have access to it. Note the user needs to add the admin role accordingly to the RBAC guide to control access to this endpoint, and in the future version of Pinot, a default admin role is planned to be added. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-24T10:47:53.000000Z"} https://vulnerability.circl.lu/sighting/76224e4d-a21f-406c-a04d-6e73e2a05478/export Wed, 24 Jul 2024 10:47:53 +0000 1050e968-7f71-4fbc-8a29-2cfdc98093da https://vulnerability.circl.lu/sighting/1050e968-7f71-4fbc-8a29-2cfdc98093da/export {"uuid": "1050e968-7f71-4fbc-8a29-2cfdc98093da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39676", "type": "seen", "source": "https://t.me/dilagrafie/3515", "content": "\u26a1CVE-2024-39676: Apache Pinot Flaw Exposes Sensitive Data, Urgent Upgrade Needed.\n\n#CyberBulletin", "creation_timestamp": "2024-07-27T11:15:04.000000Z"} {"uuid": "1050e968-7f71-4fbc-8a29-2cfdc98093da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39676", "type": "seen", "source": "https://t.me/dilagrafie/3515", "content": "\u26a1CVE-2024-39676: Apache Pinot Flaw Exposes Sensitive Data, Urgent Upgrade Needed.\n\n#CyberBulletin", "creation_timestamp": "2024-07-27T11:15:04.000000Z"} https://vulnerability.circl.lu/sighting/1050e968-7f71-4fbc-8a29-2cfdc98093da/export Sat, 27 Jul 2024 11:15:04 +0000 acc7659f-feb6-40ca-9d1e-513478e95d04 https://vulnerability.circl.lu/sighting/acc7659f-feb6-40ca-9d1e-513478e95d04/export {"uuid": "acc7659f-feb6-40ca-9d1e-513478e95d04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39676", "type": "seen", "source": "https://t.me/GrayHatsHack/8346", "content": "\u26a1CVE-2024-39676: Apache Pinot Flaw Exposes Sensitive Data, Urgent Upgrade Needed.\n\n#CyberBulletin", "creation_timestamp": "2024-07-27T11:18:27.000000Z"} {"uuid": "acc7659f-feb6-40ca-9d1e-513478e95d04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39676", "type": "seen", "source": "https://t.me/GrayHatsHack/8346", "content": "\u26a1CVE-2024-39676: Apache Pinot Flaw Exposes Sensitive Data, Urgent Upgrade Needed.\n\n#CyberBulletin", "creation_timestamp": "2024-07-27T11:18:27.000000Z"} https://vulnerability.circl.lu/sighting/acc7659f-feb6-40ca-9d1e-513478e95d04/export Sat, 27 Jul 2024 11:18:27 +0000 bed59ff9-10f1-496c-a66f-5d9921037ae1 https://vulnerability.circl.lu/sighting/bed59ff9-10f1-496c-a66f-5d9921037ae1/export {"uuid": "bed59ff9-10f1-496c-a66f-5d9921037ae1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39676", "type": "seen", "source": "https://t.me/GrayHatsHack/7039", "content": "\u26a1CVE-2024-39676: Apache Pinot Flaw Exposes Sensitive Data, Urgent Upgrade Needed.\n\n#CyberBulletin", "creation_timestamp": "2024-07-27T11:18:27.000000Z"} {"uuid": "bed59ff9-10f1-496c-a66f-5d9921037ae1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39676", "type": "seen", "source": "https://t.me/GrayHatsHack/7039", "content": "\u26a1CVE-2024-39676: Apache Pinot Flaw Exposes Sensitive Data, Urgent Upgrade Needed.\n\n#CyberBulletin", "creation_timestamp": "2024-07-27T11:18:27.000000Z"} https://vulnerability.circl.lu/sighting/bed59ff9-10f1-496c-a66f-5d9921037ae1/export Sat, 27 Jul 2024 11:18:27 +0000 438c50d6-d276-4bb1-978f-07a059ff9d22 https://vulnerability.circl.lu/sighting/438c50d6-d276-4bb1-978f-07a059ff9d22/export {"uuid": "438c50d6-d276-4bb1-978f-07a059ff9d22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39676", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/7613", "content": "\u200aCVE-2024-39676: Apache Pinot Flaw Exposes Sensitive Data, Urgent Upgrade Needed\n\nhttps://securityonline.info/cve-2024-39676-apache-pinot-flaw-exposes-sensitive-data-urgent-upgrade-needed/", "creation_timestamp": "2024-07-27T14:17:25.000000Z"} {"uuid": "438c50d6-d276-4bb1-978f-07a059ff9d22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39676", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/7613", "content": "\u200aCVE-2024-39676: Apache Pinot Flaw Exposes Sensitive Data, Urgent Upgrade Needed\n\nhttps://securityonline.info/cve-2024-39676-apache-pinot-flaw-exposes-sensitive-data-urgent-upgrade-needed/", "creation_timestamp": "2024-07-27T14:17:25.000000Z"} https://vulnerability.circl.lu/sighting/438c50d6-d276-4bb1-978f-07a059ff9d22/export Sat, 27 Jul 2024 14:17:25 +0000 5345aa31-da9f-4944-b3df-55b088847ae0 https://vulnerability.circl.lu/sighting/5345aa31-da9f-4944-b3df-55b088847ae0/export {"uuid": "5345aa31-da9f-4944-b3df-55b088847ae0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39676", "type": "seen", "source": "https://t.me/CyberBulletin/172", "content": "\u26a1CVE-2024-39676: Apache Pinot Flaw Exposes Sensitive Data, Urgent Upgrade Needed.\n\n#CyberBulletin", "creation_timestamp": "2024-07-28T11:20:35.000000Z"} {"uuid": "5345aa31-da9f-4944-b3df-55b088847ae0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39676", "type": "seen", "source": "https://t.me/CyberBulletin/172", "content": "\u26a1CVE-2024-39676: Apache Pinot Flaw Exposes Sensitive Data, Urgent Upgrade Needed.\n\n#CyberBulletin", "creation_timestamp": "2024-07-28T11:20:35.000000Z"} https://vulnerability.circl.lu/sighting/5345aa31-da9f-4944-b3df-55b088847ae0/export Sun, 28 Jul 2024 11:20:35 +0000 f5d5268d-f743-4c3d-b0c9-5bccc3f77545 https://vulnerability.circl.lu/sighting/f5d5268d-f743-4c3d-b0c9-5bccc3f77545/export {"uuid": "f5d5268d-f743-4c3d-b0c9-5bccc3f77545", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39676", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7612", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-39676\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Pinot.\n\nThis issue affects Apache Pinot: from 0.1 before 1.0.0.\n\nUsers are recommended to upgrade to version 1.0.0\u00a0and configure RBAC, which fixes the issue.\n\nDetails:\u00a0\n\nWhen using a request to path \u201c/appconfigs\u201d to the controller, it can lead to the disclosure of sensitive information such as system information (e.g. arch, os version), environment information (e.g. maxHeapSize) and Pinot configurations (e.g. zookeeper path). This issue was addressed by the Role-based Access Control https://docs.pinot.apache.org/operators/tutorials/authentication/basic-auth-access-control , so that /appConfigs` and all other APIs can be access controlled. Only authorized users have access to it. Note the user needs to add the admin role accordingly to the RBAC guide to control access to this endpoint, and in the future version of Pinot, a default admin role is planned to be added.\n\n\n\ud83d\udccf Published: 2024-07-24T07:41:09.856Z\n\ud83d\udccf Modified: 2025-03-14T17:19:59.450Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/hsm0b2w8qr0sqy4rj1mfnnw286tslpzc", "creation_timestamp": "2025-03-14T17:49:00.000000Z"} {"uuid": "f5d5268d-f743-4c3d-b0c9-5bccc3f77545", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39676", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7612", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-39676\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Pinot.\n\nThis issue affects Apache Pinot: from 0.1 before 1.0.0.\n\nUsers are recommended to upgrade to version 1.0.0\u00a0and configure RBAC, which fixes the issue.\n\nDetails:\u00a0\n\nWhen using a request to path \u201c/appconfigs\u201d to the controller, it can lead to the disclosure of sensitive information such as system information (e.g. arch, os version), environment information (e.g. maxHeapSize) and Pinot configurations (e.g. zookeeper path). This issue was addressed by the Role-based Access Control https://docs.pinot.apache.org/operators/tutorials/authentication/basic-auth-access-control , so that /appConfigs` and all other APIs can be access controlled. Only authorized users have access to it. Note the user needs to add the admin role accordingly to the RBAC guide to control access to this endpoint, and in the future version of Pinot, a default admin role is planned to be added.\n\n\n\ud83d\udccf Published: 2024-07-24T07:41:09.856Z\n\ud83d\udccf Modified: 2025-03-14T17:19:59.450Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/hsm0b2w8qr0sqy4rj1mfnnw286tslpzc", "creation_timestamp": "2025-03-14T17:49:00.000000Z"} https://vulnerability.circl.lu/sighting/f5d5268d-f743-4c3d-b0c9-5bccc3f77545/export Fri, 14 Mar 2025 17:49:00 +0000