Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 08 May 2026 19:59:20 +0000 bc9645f3-7522-4b79-971f-32b371b07e02 https://vulnerability.circl.lu/sighting/bc9645f3-7522-4b79-971f-32b371b07e02/export {"uuid": "bc9645f3-7522-4b79-971f-32b371b07e02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27088", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4824", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27088\n\ud83d\udd25 CVSS Score: 8.4 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N)\n\ud83d\udd39 Description: oxyno-zeta/s3-proxy is an aws s3 proxy written in go. In affected versions a Reflected Cross-site Scripting (XSS) vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to session hijacking or phishing attacks on a trusted domain, posing a moderate risk to all users. It's possible to inject html elements, including scripts through the folder-list template. The affected template allows users to interact with the URL path provided by the `Request.URL.Path` variable, which is then rendered directly into the HTML without proper sanitization or escaping. This can be abused by attackers who craft a malicious URL containing injected HTML or JavaScript. When users visit such a URL, the malicious script will be executed in the user's context. This issue has been addressed in version 4.18.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.\n\ud83d\udccf Published: 2025-02-20T22:33:50.646Z\n\ud83d\udccf Modified: 2025-02-20T22:33:50.646Z\n\ud83d\udd17 References:\n1. https://github.com/oxyno-zeta/s3-proxy/security/advisories/GHSA-pp9m-qf39-hxjc\n2. https://github.com/oxyno-zeta/s3-proxy/commit/c611c741ed4872ea3f46232be23bb830f96f9564\n3. https://github.com/oxyno-zeta/s3-proxy/blob/master/templates/folder-list.tpl#L19C21-L19C38", "creation_timestamp": "2025-02-20T23:16:57.000000Z"} {"uuid": "bc9645f3-7522-4b79-971f-32b371b07e02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27088", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4824", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27088\n\ud83d\udd25 CVSS Score: 8.4 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N)\n\ud83d\udd39 Description: oxyno-zeta/s3-proxy is an aws s3 proxy written in go. In affected versions a Reflected Cross-site Scripting (XSS) vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to session hijacking or phishing attacks on a trusted domain, posing a moderate risk to all users. It's possible to inject html elements, including scripts through the folder-list template. The affected template allows users to interact with the URL path provided by the `Request.URL.Path` variable, which is then rendered directly into the HTML without proper sanitization or escaping. This can be abused by attackers who craft a malicious URL containing injected HTML or JavaScript. When users visit such a URL, the malicious script will be executed in the user's context. This issue has been addressed in version 4.18.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.\n\ud83d\udccf Published: 2025-02-20T22:33:50.646Z\n\ud83d\udccf Modified: 2025-02-20T22:33:50.646Z\n\ud83d\udd17 References:\n1. https://github.com/oxyno-zeta/s3-proxy/security/advisories/GHSA-pp9m-qf39-hxjc\n2. https://github.com/oxyno-zeta/s3-proxy/commit/c611c741ed4872ea3f46232be23bb830f96f9564\n3. https://github.com/oxyno-zeta/s3-proxy/blob/master/templates/folder-list.tpl#L19C21-L19C38", "creation_timestamp": "2025-02-20T23:16:57.000000Z"} https://vulnerability.circl.lu/sighting/bc9645f3-7522-4b79-971f-32b371b07e02/export Thu, 20 Feb 2025 23:16:57 +0000 5f599608-a989-4944-8339-e5721c2f6913 https://vulnerability.circl.lu/sighting/5f599608-a989-4944-8339-e5721c2f6913/export {"uuid": "5f599608-a989-4944-8339-e5721c2f6913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27088", "type": "seen", "source": "https://t.me/cvedetector/18606", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-27088 - AWS S3 Proxy - Reflected Cross-site Scripting (XSS) in oxyno-zeta\", \n \"Content\": \"CVE ID : CVE-2025-27088 \nPublished : Feb. 20, 2025, 11:15 p.m. | 27\u00a0minutes ago \nDescription : oxyno-zeta/s3-proxy is an aws s3 proxy written in go. In affected versions a Reflected Cross-site Scripting (XSS) vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to session hijacking or phishing attacks on a trusted domain, posing a moderate risk to all users. It's possible to inject html elements, including scripts through the folder-list template. The affected template allows users to interact with the URL path provided by the `Request.URL.Path` variable, which is then rendered directly into the HTML without proper sanitization or escaping. This can be abused by attackers who craft a malicious URL containing injected HTML or JavaScript. When users visit such a URL, the malicious script will be executed in the user's context. This issue has been addressed in version 4.18.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-21T00:54:18.000000Z"} {"uuid": "5f599608-a989-4944-8339-e5721c2f6913", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27088", "type": "seen", "source": "https://t.me/cvedetector/18606", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-27088 - AWS S3 Proxy - Reflected Cross-site Scripting (XSS) in oxyno-zeta\", \n \"Content\": \"CVE ID : CVE-2025-27088 \nPublished : Feb. 20, 2025, 11:15 p.m. | 27\u00a0minutes ago \nDescription : oxyno-zeta/s3-proxy is an aws s3 proxy written in go. In affected versions a Reflected Cross-site Scripting (XSS) vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to session hijacking or phishing attacks on a trusted domain, posing a moderate risk to all users. It's possible to inject html elements, including scripts through the folder-list template. The affected template allows users to interact with the URL path provided by the `Request.URL.Path` variable, which is then rendered directly into the HTML without proper sanitization or escaping. This can be abused by attackers who craft a malicious URL containing injected HTML or JavaScript. When users visit such a URL, the malicious script will be executed in the user's context. This issue has been addressed in version 4.18.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-21T00:54:18.000000Z"} https://vulnerability.circl.lu/sighting/5f599608-a989-4944-8339-e5721c2f6913/export Fri, 21 Feb 2025 00:54:18 +0000