https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 10 May 2026 09:42:42 +0000 https://vulnerability.circl.lu/sighting/fc06152b-25e6-42aa-a4c7-3e7015d09a70/export {"uuid": "fc06152b-25e6-42aa-a4c7-3e7015d09a70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43201", "type": "seen", "source": "https://t.me/cvedetector/6212", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-43201 - Planet Fitness Workouts TLS Certificate Validation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-43201 \nPublished : Sept. 23, 2024, 8:15 p.m. | 39\u00a0minutes ago \nDescription : The Planet Fitness Workouts iOS and Android mobile apps prior to version 9.8.12 (released on 2024-07-25) fail to properly validate TLS certificates, allowing an attacker with appropriate network access to obtain session tokens and sensitive information. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-23T23:00:43.000000Z"} {"uuid": "fc06152b-25e6-42aa-a4c7-3e7015d09a70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43201", "type": "seen", "source": "https://t.me/cvedetector/6212", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-43201 - Planet Fitness Workouts TLS Certificate Validation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-43201 \nPublished : Sept. 23, 2024, 8:15 p.m. | 39\u00a0minutes ago \nDescription : The Planet Fitness Workouts iOS and Android mobile apps prior to version 9.8.12 (released on 2024-07-25) fail to properly validate TLS certificates, allowing an attacker with appropriate network access to obtain session tokens and sensitive information. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-23T23:00:43.000000Z"} https://vulnerability.circl.lu/sighting/fc06152b-25e6-42aa-a4c7-3e7015d09a70/export Mon, 23 Sep 2024 23:00:43 +0000 https://vulnerability.circl.lu/sighting/0fb03161-2143-4558-9547-ae02859e1658/export {"uuid": "0fb03161-2143-4558-9547-ae02859e1658", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43201", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5951", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-43201\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The Planet Fitness Workouts iOS and Android mobile apps fail to properly validate TLS certificates, allowing an attacker with appropriate network access to obtain session tokens and sensitive information. Planet Fitness first addressed this vulnerability in version 9.8.12 (released on 2024-07-25) and more recently in version 9.9.13 (released on 2025-02-11).\n\ud83d\udccf Published: 2024-09-23T19:11:39.193Z\n\ud83d\udccf Modified: 2025-02-28T17:23:31.051Z\n\ud83d\udd17 References:\n1. https://apps.apple.com/us/app/planet-fitness-workouts/id399857015\n2. https://dontvacuum.me/bugs/pf/", "creation_timestamp": "2025-02-28T18:26:38.000000Z"} {"uuid": "0fb03161-2143-4558-9547-ae02859e1658", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43201", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5951", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-43201\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The Planet Fitness Workouts iOS and Android mobile apps fail to properly validate TLS certificates, allowing an attacker with appropriate network access to obtain session tokens and sensitive information. Planet Fitness first addressed this vulnerability in version 9.8.12 (released on 2024-07-25) and more recently in version 9.9.13 (released on 2025-02-11).\n\ud83d\udccf Published: 2024-09-23T19:11:39.193Z\n\ud83d\udccf Modified: 2025-02-28T17:23:31.051Z\n\ud83d\udd17 References:\n1. https://apps.apple.com/us/app/planet-fitness-workouts/id399857015\n2. https://dontvacuum.me/bugs/pf/", "creation_timestamp": "2025-02-28T18:26:38.000000Z"} https://vulnerability.circl.lu/sighting/0fb03161-2143-4558-9547-ae02859e1658/export Fri, 28 Feb 2025 18:26:38 +0000 https://vulnerability.circl.lu/sighting/b09fabb2-f684-4df7-a866-9d3a4c33dfec/export {"uuid": "b09fabb2-f684-4df7-a866-9d3a4c33dfec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43201", "type": "seen", "source": "Telegram/S4hSI_m4ZBIsMh9ALdF-0QLCuU2-pH9zm01uVL3k81mKYYVW", "content": "", "creation_timestamp": "2025-03-02T11:45:38.000000Z"} {"uuid": "b09fabb2-f684-4df7-a866-9d3a4c33dfec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43201", "type": "seen", "source": "Telegram/S4hSI_m4ZBIsMh9ALdF-0QLCuU2-pH9zm01uVL3k81mKYYVW", "content": "", "creation_timestamp": "2025-03-02T11:45:38.000000Z"} https://vulnerability.circl.lu/sighting/b09fabb2-f684-4df7-a866-9d3a4c33dfec/export Sun, 02 Mar 2025 11:45:38 +0000