https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sat, 06 Jun 2026 19:37:47 +0000 https://vulnerability.circl.lu/sighting/dc7cd4e5-1207-4838-a03a-44bfb3f16d17/export {"uuid": "dc7cd4e5-1207-4838-a03a-44bfb3f16d17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "seen", "source": "https://t.me/cvedetector/6113", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45489 - Arc Remote Code Execution Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-45489 \nPublished : Sept. 20, 2024, 5:15 p.m. | 24\u00a0minutes ago \nDescription : Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run JavaScript cannot be shared by default; however, it is possible to create or update a boost using another user's ID. This installs the boost in the victim's browser and runs arbitrary Javascript on that browser in a privileged context. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"20 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-20T19:45:10.000000Z"} {"uuid": "dc7cd4e5-1207-4838-a03a-44bfb3f16d17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "seen", "source": "https://t.me/cvedetector/6113", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45489 - Arc Remote Code Execution Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-45489 \nPublished : Sept. 20, 2024, 5:15 p.m. | 24\u00a0minutes ago \nDescription : Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run JavaScript cannot be shared by default; however, it is possible to create or update a boost using another user's ID. This installs the boost in the victim's browser and runs arbitrary Javascript on that browser in a privileged context. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"20 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-20T19:45:10.000000Z"} https://vulnerability.circl.lu/sighting/dc7cd4e5-1207-4838-a03a-44bfb3f16d17/export Fri, 20 Sep 2024 19:45:10 +0000 https://vulnerability.circl.lu/sighting/e043661b-59be-4ef7-a178-389df46ce78b/export {"uuid": "e043661b-59be-4ef7-a178-389df46ce78b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "seen", "source": "Telegram/7gCCrXcF7kplbW8vCcSuolSiDuLcYtPRKYzfdVi7ua9f0qw", "content": "", "creation_timestamp": "2024-09-23T08:30:38.000000Z"} {"uuid": "e043661b-59be-4ef7-a178-389df46ce78b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "seen", "source": "Telegram/7gCCrXcF7kplbW8vCcSuolSiDuLcYtPRKYzfdVi7ua9f0qw", "content": "", "creation_timestamp": "2024-09-23T08:30:38.000000Z"} https://vulnerability.circl.lu/sighting/e043661b-59be-4ef7-a178-389df46ce78b/export Mon, 23 Sep 2024 08:30:38 +0000 https://vulnerability.circl.lu/sighting/03abccc2-937f-4316-b10d-98358ef0385c/export {"uuid": "03abccc2-937f-4316-b10d-98358ef0385c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "exploited", "source": "https://t.me/xakep_ru/16487", "content": "\u0411\u0440\u0430\u0443\u0437\u0435\u0440 Arc \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0443 bug bounty \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Arc, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f The Browser Company, \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0438 \u043e \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b bug bounty, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043c\u043e\u0433\u0443\u0442 \u0441\u043e\u043e\u0431\u0449\u0430\u0442\u044c \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0437\u0430 \u044d\u0442\u043e \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u044f. \u041a \u044d\u0442\u043e\u043c\u0443 \u0448\u0430\u0433\u0443 \u0441\u043e\u0437\u0434\u0430\u0442\u0435\u043b\u0435\u0439 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 \u043f\u043e\u0434\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-45489, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Arc.\n\nhttps://xakep.ru/2024/10/02/arc-bug-bounty/", "creation_timestamp": "2024-10-02T14:39:58.000000Z"} {"uuid": "03abccc2-937f-4316-b10d-98358ef0385c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "exploited", "source": "https://t.me/xakep_ru/16487", "content": "\u0411\u0440\u0430\u0443\u0437\u0435\u0440 Arc \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0443 bug bounty \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Arc, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f The Browser Company, \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0438 \u043e \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b bug bounty, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043c\u043e\u0433\u0443\u0442 \u0441\u043e\u043e\u0431\u0449\u0430\u0442\u044c \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0437\u0430 \u044d\u0442\u043e \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u044f. \u041a \u044d\u0442\u043e\u043c\u0443 \u0448\u0430\u0433\u0443 \u0441\u043e\u0437\u0434\u0430\u0442\u0435\u043b\u0435\u0439 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 \u043f\u043e\u0434\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-45489, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Arc.\n\nhttps://xakep.ru/2024/10/02/arc-bug-bounty/", "creation_timestamp": "2024-10-02T14:39:58.000000Z"} https://vulnerability.circl.lu/sighting/03abccc2-937f-4316-b10d-98358ef0385c/export Wed, 02 Oct 2024 14:39:58 +0000 https://vulnerability.circl.lu/sighting/973cbb16-66bd-42e2-a496-ea24db34b121/export {"uuid": "973cbb16-66bd-42e2-a496-ea24db34b121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/4904", "content": "#exploit\n1. CVE-2024-45489:\nArc Browser RCE in JavaScript Boosts\nhttps://kibty.town/blog/arc\n\n2. CVE-2024-44623:\nBlind RCE issue(SPX-GC) in SPX-GC\nhttps://github.com/merbinr/CVE-2024-44623\n\n3. CVE-2024-6769:\nPoisoning the activation cache to elevate from medium to high integrity in Windows 10/11/Srv2019/Srv2022\nhttps://github.com/fortra/CVE-2024-6769", "creation_timestamp": "2024-10-02T16:38:47.000000Z"} {"uuid": "973cbb16-66bd-42e2-a496-ea24db34b121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/4904", "content": "#exploit\n1. CVE-2024-45489:\nArc Browser RCE in JavaScript Boosts\nhttps://kibty.town/blog/arc\n\n2. CVE-2024-44623:\nBlind RCE issue(SPX-GC) in SPX-GC\nhttps://github.com/merbinr/CVE-2024-44623\n\n3. CVE-2024-6769:\nPoisoning the activation cache to elevate from medium to high integrity in Windows 10/11/Srv2019/Srv2022\nhttps://github.com/fortra/CVE-2024-6769", "creation_timestamp": "2024-10-02T16:38:47.000000Z"} https://vulnerability.circl.lu/sighting/973cbb16-66bd-42e2-a496-ea24db34b121/export Wed, 02 Oct 2024 16:38:47 +0000 https://vulnerability.circl.lu/sighting/ac7cd0c9-6124-47fb-98e7-a5e0731bf442/export {"uuid": "ac7cd0c9-6124-47fb-98e7-a5e0731bf442", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1582", "content": "#exploit\n1. CVE-2024-45489:\nArc Browser RCE in JavaScript Boosts\nhttps://kibty.town/blog/arc\n\n2. CVE-2024-44623:\nBlind RCE issue(SPX-GC) in SPX-GC\nhttps://github.com/merbinr/CVE-2024-44623\n\n3. CVE-2024-6769:\nPoisoning the activation cache to elevate from medium to high integrity in Windows 10/11/Srv2019/Srv2022\nhttps://github.com/fortra/CVE-2024-6769", "creation_timestamp": "2024-10-02T16:38:48.000000Z"} {"uuid": "ac7cd0c9-6124-47fb-98e7-a5e0731bf442", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1582", "content": "#exploit\n1. CVE-2024-45489:\nArc Browser RCE in JavaScript Boosts\nhttps://kibty.town/blog/arc\n\n2. CVE-2024-44623:\nBlind RCE issue(SPX-GC) in SPX-GC\nhttps://github.com/merbinr/CVE-2024-44623\n\n3. CVE-2024-6769:\nPoisoning the activation cache to elevate from medium to high integrity in Windows 10/11/Srv2019/Srv2022\nhttps://github.com/fortra/CVE-2024-6769", "creation_timestamp": "2024-10-02T16:38:48.000000Z"} https://vulnerability.circl.lu/sighting/ac7cd0c9-6124-47fb-98e7-a5e0731bf442/export Wed, 02 Oct 2024 16:38:48 +0000 https://vulnerability.circl.lu/sighting/d536a163-ea65-46e4-9dd9-319a5b821f7c/export {"uuid": "d536a163-ea65-46e4-9dd9-319a5b821f7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11202", "content": "#exploit\n1. CVE-2024-45489:\nArc Browser RCE in JavaScript Boosts\nhttps://kibty.town/blog/arc\n\n2. CVE-2024-44623:\nBlind RCE issue(SPX-GC) in SPX-GC\nhttps://github.com/merbinr/CVE-2024-44623\n\n3. CVE-2024-6769:\nPoisoning the activation cache to elevate from medium to high integrity in Windows 10/11/Srv2019/Srv2022\nhttps://github.com/fortra/CVE-2024-6769\n\n4. CVE-2024-45519: \nZimbra SMTP RCE\nhttps://blog.projectdiscovery.io/zimbra-remote-code-execution\n]-> https://github.com/p33d/CVE-2024-45519", "creation_timestamp": "2024-11-01T03:20:06.000000Z"} {"uuid": "d536a163-ea65-46e4-9dd9-319a5b821f7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45489", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11202", "content": "#exploit\n1. CVE-2024-45489:\nArc Browser RCE in JavaScript Boosts\nhttps://kibty.town/blog/arc\n\n2. CVE-2024-44623:\nBlind RCE issue(SPX-GC) in SPX-GC\nhttps://github.com/merbinr/CVE-2024-44623\n\n3. CVE-2024-6769:\nPoisoning the activation cache to elevate from medium to high integrity in Windows 10/11/Srv2019/Srv2022\nhttps://github.com/fortra/CVE-2024-6769\n\n4. CVE-2024-45519: \nZimbra SMTP RCE\nhttps://blog.projectdiscovery.io/zimbra-remote-code-execution\n]-> https://github.com/p33d/CVE-2024-45519", "creation_timestamp": "2024-11-01T03:20:06.000000Z"} https://vulnerability.circl.lu/sighting/d536a163-ea65-46e4-9dd9-319a5b821f7c/export Fri, 01 Nov 2024 03:20:06 +0000