Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 12 May 2026 04:22:05 +0000 81d86fa0-c21b-4768-a52f-b2265398b995 https://vulnerability.circl.lu/sighting/81d86fa0-c21b-4768-a52f-b2265398b995/export {"uuid": "81d86fa0-c21b-4768-a52f-b2265398b995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20097", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4187", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20097\n\ud83d\udd25 CVSS Score: 4.2 (CVSS_V3)\n\ud83d\udd39 Description: Uncaught exception in OpenBMC Firmware for the Intel(R) Server M50FCP Family and Intel(R) Server D50DNP Family before version R01.02.0002 may allow an authenticated user to potentially enable denial of service via network access.\n\ud83d\udccf Published: 2025-02-13T00:33:07Z\n\ud83d\udccf Modified: 2025-02-13T00:33:07Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2025-20097\n2. https://intel.com/content/www/us/en/security-center/advisory/intel-sa-00990.html", "creation_timestamp": "2025-02-13T01:09:55.000000Z"} {"uuid": "81d86fa0-c21b-4768-a52f-b2265398b995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20097", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4187", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20097\n\ud83d\udd25 CVSS Score: 4.2 (CVSS_V3)\n\ud83d\udd39 Description: Uncaught exception in OpenBMC Firmware for the Intel(R) Server M50FCP Family and Intel(R) Server D50DNP Family before version R01.02.0002 may allow an authenticated user to potentially enable denial of service via network access.\n\ud83d\udccf Published: 2025-02-13T00:33:07Z\n\ud83d\udccf Modified: 2025-02-13T00:33:07Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2025-20097\n2. https://intel.com/content/www/us/en/security-center/advisory/intel-sa-00990.html", "creation_timestamp": "2025-02-13T01:09:55.000000Z"} https://vulnerability.circl.lu/sighting/81d86fa0-c21b-4768-a52f-b2265398b995/export Thu, 13 Feb 2025 01:09:55 +0000 1f3377a8-969e-47bb-85f6-2f5fe312121a https://vulnerability.circl.lu/sighting/1f3377a8-969e-47bb-85f6-2f5fe312121a/export {"uuid": "1f3377a8-969e-47bb-85f6-2f5fe312121a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20097", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113993921386449567", "content": "", "creation_timestamp": "2025-02-13T01:13:21.210993Z"} {"uuid": "1f3377a8-969e-47bb-85f6-2f5fe312121a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20097", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113993921386449567", "content": "", "creation_timestamp": "2025-02-13T01:13:21.210993Z"} https://vulnerability.circl.lu/sighting/1f3377a8-969e-47bb-85f6-2f5fe312121a/export Thu, 13 Feb 2025 01:13:21 +0000 82429052-f291-4264-a78c-d2c110ff110c https://vulnerability.circl.lu/sighting/82429052-f291-4264-a78c-d2c110ff110c/export {"uuid": "82429052-f291-4264-a78c-d2c110ff110c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20097", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhzn3zporm26", "content": "", "creation_timestamp": "2025-02-13T02:25:07.435056Z"} {"uuid": "82429052-f291-4264-a78c-d2c110ff110c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20097", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhzn3zporm26", "content": "", "creation_timestamp": "2025-02-13T02:25:07.435056Z"} https://vulnerability.circl.lu/sighting/82429052-f291-4264-a78c-d2c110ff110c/export Thu, 13 Feb 2025 02:25:07 +0000 d32fec20-8a3b-42f8-bd91-277bd6346c79 https://vulnerability.circl.lu/sighting/d32fec20-8a3b-42f8-bd91-277bd6346c79/export {"uuid": "d32fec20-8a3b-42f8-bd91-277bd6346c79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20091", "type": "seen", "source": "https://t.me/cvedetector/19458", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-20091 - OpenHarmony Use After Free Arbitrary Code Execution\", \n \"Content\": \"CVE ID : CVE-2025-20091 \nPublished : March 4, 2025, 4:15 a.m. | 22\u00a0minutes ago \nDescription : in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios. \nSeverity: 3.8 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-04T05:48:07.000000Z"} {"uuid": "d32fec20-8a3b-42f8-bd91-277bd6346c79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20091", "type": "seen", "source": "https://t.me/cvedetector/19458", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-20091 - OpenHarmony Use After Free Arbitrary Code Execution\", \n \"Content\": \"CVE ID : CVE-2025-20091 \nPublished : March 4, 2025, 4:15 a.m. | 22\u00a0minutes ago \nDescription : in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. This vulnerability can be exploited only in restricted scenarios. \nSeverity: 3.8 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-04T05:48:07.000000Z"} https://vulnerability.circl.lu/sighting/d32fec20-8a3b-42f8-bd91-277bd6346c79/export Tue, 04 Mar 2025 05:48:07 +0000 1e3815a4-396c-4a83-8a86-ab8252959175 https://vulnerability.circl.lu/sighting/1e3815a4-396c-4a83-8a86-ab8252959175/export {"uuid": "1e3815a4-396c-4a83-8a86-ab8252959175", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2009", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8816", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2009\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the logging functionality in all versions up to, and including, 4.9.9.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-03-26T08:21:50.914Z\n\ud83d\udccf Modified: 2025-03-26T08:21:50.914Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/3825c80c-e4b1-4dd8-be77-38f718920b9a?source=cve\n2. https://plugins.trac.wordpress.org/browser/newsletters-lite/trunk/views/admin/settings/view_logs.php?rev=3212300#L107\n3. https://plugins.trac.wordpress.org/changeset/3257980/newsletters-lite/trunk/views/admin/settings/view_logs.php", "creation_timestamp": "2025-03-26T09:26:00.000000Z"} {"uuid": "1e3815a4-396c-4a83-8a86-ab8252959175", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2009", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8816", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2009\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the logging functionality in all versions up to, and including, 4.9.9.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-03-26T08:21:50.914Z\n\ud83d\udccf Modified: 2025-03-26T08:21:50.914Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/3825c80c-e4b1-4dd8-be77-38f718920b9a?source=cve\n2. https://plugins.trac.wordpress.org/browser/newsletters-lite/trunk/views/admin/settings/view_logs.php?rev=3212300#L107\n3. https://plugins.trac.wordpress.org/changeset/3257980/newsletters-lite/trunk/views/admin/settings/view_logs.php", "creation_timestamp": "2025-03-26T09:26:00.000000Z"} https://vulnerability.circl.lu/sighting/1e3815a4-396c-4a83-8a86-ab8252959175/export Wed, 26 Mar 2025 09:26:00 +0000 81ace1c2-d318-4680-8f44-47dc39b1fe2d https://vulnerability.circl.lu/sighting/81ace1c2-d318-4680-8f44-47dc39b1fe2d/export {"uuid": "81ace1c2-d318-4680-8f44-47dc39b1fe2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2009", "type": "seen", "source": "Telegram/vxFeWKT3kumdU6cdBVzu6teCfmUQZJYA4HbhY0-VOVXPavQ", "content": "", "creation_timestamp": "2025-03-26T10:01:12.000000Z"} {"uuid": "81ace1c2-d318-4680-8f44-47dc39b1fe2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2009", "type": "seen", "source": "Telegram/vxFeWKT3kumdU6cdBVzu6teCfmUQZJYA4HbhY0-VOVXPavQ", "content": "", "creation_timestamp": "2025-03-26T10:01:12.000000Z"} https://vulnerability.circl.lu/sighting/81ace1c2-d318-4680-8f44-47dc39b1fe2d/export Wed, 26 Mar 2025 10:01:12 +0000 fa816b14-0cf9-4454-a7e7-6667fd107318 https://vulnerability.circl.lu/sighting/fa816b14-0cf9-4454-a7e7-6667fd107318/export {"uuid": "fa816b14-0cf9-4454-a7e7-6667fd107318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2009", "type": "seen", "source": "https://t.me/cvedetector/21159", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2009 - WordPress Newsletters Stored Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2009 \nPublished : March 26, 2025, 9:15 a.m. | 1\u00a0hour, 17\u00a0minutes ago \nDescription : The Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the logging functionality in all versions up to, and including, 4.9.9.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"26 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T12:12:47.000000Z"} {"uuid": "fa816b14-0cf9-4454-a7e7-6667fd107318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2009", "type": "seen", "source": "https://t.me/cvedetector/21159", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2009 - WordPress Newsletters Stored Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2009 \nPublished : March 26, 2025, 9:15 a.m. | 1\u00a0hour, 17\u00a0minutes ago \nDescription : The Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the logging functionality in all versions up to, and including, 4.9.9.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"26 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T12:12:47.000000Z"} https://vulnerability.circl.lu/sighting/fa816b14-0cf9-4454-a7e7-6667fd107318/export Wed, 26 Mar 2025 12:12:47 +0000 b1b180fb-9e12-4e8e-b6e5-6b1d8810280f https://vulnerability.circl.lu/sighting/b1b180fb-9e12-4e8e-b6e5-6b1d8810280f/export {"uuid": "b1b180fb-9e12-4e8e-b6e5-6b1d8810280f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20095", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16617", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20095\n\ud83d\udd25 CVSS Score: 5.4 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Incorrect Default Permissions for some Intel(R) RealSense\u2122 SDK software before version 2.56.2 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\ud83d\udccf Published: 2025-05-13T21:02:10.612Z\n\ud83d\udccf Modified: 2025-05-16T03:55:55.436Z\n\ud83d\udd17 References:\n1. https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01305.html", "creation_timestamp": "2025-05-16T04:33:57.000000Z"} {"uuid": "b1b180fb-9e12-4e8e-b6e5-6b1d8810280f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20095", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16617", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20095\n\ud83d\udd25 CVSS Score: 5.4 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Incorrect Default Permissions for some Intel(R) RealSense\u2122 SDK software before version 2.56.2 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\ud83d\udccf Published: 2025-05-13T21:02:10.612Z\n\ud83d\udccf Modified: 2025-05-16T03:55:55.436Z\n\ud83d\udd17 References:\n1. https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01305.html", "creation_timestamp": "2025-05-16T04:33:57.000000Z"} https://vulnerability.circl.lu/sighting/b1b180fb-9e12-4e8e-b6e5-6b1d8810280f/export Fri, 16 May 2025 04:33:57 +0000 90290016-63ff-4df4-83c6-e5e4acaf4921 https://vulnerability.circl.lu/sighting/90290016-63ff-4df4-83c6-e5e4acaf4921/export {"uuid": "90290016-63ff-4df4-83c6-e5e4acaf4921", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20093", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lw7wvwaxwf2q", "content": "", "creation_timestamp": "2025-08-12T18:29:17.791011Z"} {"uuid": "90290016-63ff-4df4-83c6-e5e4acaf4921", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20093", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lw7wvwaxwf2q", "content": "", "creation_timestamp": "2025-08-12T18:29:17.791011Z"} https://vulnerability.circl.lu/sighting/90290016-63ff-4df4-83c6-e5e4acaf4921/export Tue, 12 Aug 2025 18:29:17 +0000 d94e87d6-c3fc-4e1b-9fb8-ea5191845095 https://vulnerability.circl.lu/sighting/d94e87d6-c3fc-4e1b-9fb8-ea5191845095/export {"uuid": "d94e87d6-c3fc-4e1b-9fb8-ea5191845095", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20091", "type": "seen", "source": "MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72", "content": "", "creation_timestamp": "2025-08-19T13:26:45.000000Z"} {"uuid": "d94e87d6-c3fc-4e1b-9fb8-ea5191845095", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20091", "type": "seen", "source": "MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72", "content": "", "creation_timestamp": "2025-08-19T13:26:45.000000Z"} https://vulnerability.circl.lu/sighting/d94e87d6-c3fc-4e1b-9fb8-ea5191845095/export Tue, 19 Aug 2025 13:26:45 +0000