Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 05 Jun 2026 18:30:00 +0000 05203780-ee3c-4e24-9569-92613b3afe24 https://vulnerability.circl.lu/sighting/05203780-ee3c-4e24-9569-92613b3afe24/export {"uuid": "05203780-ee3c-4e24-9569-92613b3afe24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4688", "type": "seen", "source": "https://t.me/cibsecurity/69598", "content": "\u203c CVE-2023-4688 \u203c\n\nSensitive information leak through log files. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35433.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-01T00:13:16.000000Z"} {"uuid": "05203780-ee3c-4e24-9569-92613b3afe24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4688", "type": "seen", "source": "https://t.me/cibsecurity/69598", "content": "\u203c CVE-2023-4688 \u203c\n\nSensitive information leak through log files. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35433.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-01T00:13:16.000000Z"} https://vulnerability.circl.lu/sighting/05203780-ee3c-4e24-9569-92613b3afe24/export Fri, 01 Sep 2023 00:13:16 +0000 fc5a57c8-d140-48b6-829d-f55ccdd52cfa https://vulnerability.circl.lu/sighting/fc5a57c8-d140-48b6-829d-f55ccdd52cfa/export {"uuid": "fc5a57c8-d140-48b6-829d-f55ccdd52cfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46886", "type": "seen", "source": "https://t.me/ctinow/156805", "content": "https://ift.tt/mWaOfDA\nCVE-2023-46886 | Dreamer CMS up to 4.0.0 Background Template Management path traversal", "creation_timestamp": "2023-12-20T08:41:53.000000Z"} {"uuid": "fc5a57c8-d140-48b6-829d-f55ccdd52cfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46886", "type": "seen", "source": "https://t.me/ctinow/156805", "content": "https://ift.tt/mWaOfDA\nCVE-2023-46886 | Dreamer CMS up to 4.0.0 Background Template Management path traversal", "creation_timestamp": "2023-12-20T08:41:53.000000Z"} https://vulnerability.circl.lu/sighting/fc5a57c8-d140-48b6-829d-f55ccdd52cfa/export Wed, 20 Dec 2023 08:41:53 +0000 69fc9b50-6568-49e4-8ead-61226d8ac0ac https://vulnerability.circl.lu/sighting/69fc9b50-6568-49e4-8ead-61226d8ac0ac/export {"uuid": "69fc9b50-6568-49e4-8ead-61226d8ac0ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46887", "type": "seen", "source": "https://t.me/ctinow/156828", "content": "https://ift.tt/qImeDMX\nCVE-2023-46887 | Dreamer CMS up to 4.0.0 Backend Attachment Management Office information disclosure", "creation_timestamp": "2023-12-20T09:42:32.000000Z"} {"uuid": "69fc9b50-6568-49e4-8ead-61226d8ac0ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46887", "type": "seen", "source": "https://t.me/ctinow/156828", "content": "https://ift.tt/qImeDMX\nCVE-2023-46887 | Dreamer CMS up to 4.0.0 Backend Attachment Management Office information disclosure", "creation_timestamp": "2023-12-20T09:42:32.000000Z"} https://vulnerability.circl.lu/sighting/69fc9b50-6568-49e4-8ead-61226d8ac0ac/export Wed, 20 Dec 2023 09:42:32 +0000 e8f5da1b-1f98-457a-a90c-2c2a86fc87f2 https://vulnerability.circl.lu/sighting/e8f5da1b-1f98-457a-a90c-2c2a86fc87f2/export {"uuid": "e8f5da1b-1f98-457a-a90c-2c2a86fc87f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46889", "type": "seen", "source": "https://t.me/ctinow/172317", "content": "https://ift.tt/8OenbjF\nCVE-2023-46889", "creation_timestamp": "2024-01-23T21:26:27.000000Z"} {"uuid": "e8f5da1b-1f98-457a-a90c-2c2a86fc87f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46889", "type": "seen", "source": "https://t.me/ctinow/172317", "content": "https://ift.tt/8OenbjF\nCVE-2023-46889", "creation_timestamp": "2024-01-23T21:26:27.000000Z"} https://vulnerability.circl.lu/sighting/e8f5da1b-1f98-457a-a90c-2c2a86fc87f2/export Tue, 23 Jan 2024 21:26:27 +0000 38a71e26-5687-4733-8391-dfe94d58399f https://vulnerability.circl.lu/sighting/38a71e26-5687-4733-8391-dfe94d58399f/export {"uuid": "38a71e26-5687-4733-8391-dfe94d58399f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46889", "type": "seen", "source": "https://t.me/ctinow/186928", "content": "https://ift.tt/t9hFpTl\nCVE-2023-46889 | Meross MSH30Q up to 4.5.23 Device Setup cleartext transmission", "creation_timestamp": "2024-02-17T14:06:56.000000Z"} {"uuid": "38a71e26-5687-4733-8391-dfe94d58399f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46889", "type": "seen", "source": "https://t.me/ctinow/186928", "content": "https://ift.tt/t9hFpTl\nCVE-2023-46889 | Meross MSH30Q up to 4.5.23 Device Setup cleartext transmission", "creation_timestamp": "2024-02-17T14:06:56.000000Z"} https://vulnerability.circl.lu/sighting/38a71e26-5687-4733-8391-dfe94d58399f/export Sat, 17 Feb 2024 14:06:56 +0000 4dfaec70-0fde-4cae-92d4-d9ae3f340467 https://vulnerability.circl.lu/sighting/4dfaec70-0fde-4cae-92d4-d9ae3f340467/export {"uuid": "4dfaec70-0fde-4cae-92d4-d9ae3f340467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46889", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18617", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-46889\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Meross MSH30Q 4.5.23 is vulnerable to Cleartext Transmission of Sensitive Information. During the device setup phase, the MSH30Q creates an unprotected Wi-Fi access point. In this phase, MSH30Q needs to connect to the Internet through a Wi-Fi router. This is why MSH30Q asks for the Wi-Fi network name (SSID) and the Wi-Fi network password. When the user enters the password, the transmission of the Wi-Fi password and name between the MSH30Q and mobile application is observed in the Wi-Fi network. Although the Wi-Fi password is encrypted, a part of the decryption algorithm is public so we complemented the missing parts to decrypt it.\n\ud83d\udccf Published: 2024-01-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-17T16:11:54.038Z\n\ud83d\udd17 References:\n1. https://www.kth.se/cs/nse/research/software-systems-architecture-and-security/projects/ethical-hacking-1.1279219", "creation_timestamp": "2025-06-17T16:41:11.000000Z"} {"uuid": "4dfaec70-0fde-4cae-92d4-d9ae3f340467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46889", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18617", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-46889\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Meross MSH30Q 4.5.23 is vulnerable to Cleartext Transmission of Sensitive Information. During the device setup phase, the MSH30Q creates an unprotected Wi-Fi access point. In this phase, MSH30Q needs to connect to the Internet through a Wi-Fi router. This is why MSH30Q asks for the Wi-Fi network name (SSID) and the Wi-Fi network password. When the user enters the password, the transmission of the Wi-Fi password and name between the MSH30Q and mobile application is observed in the Wi-Fi network. Although the Wi-Fi password is encrypted, a part of the decryption algorithm is public so we complemented the missing parts to decrypt it.\n\ud83d\udccf Published: 2024-01-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-17T16:11:54.038Z\n\ud83d\udd17 References:\n1. https://www.kth.se/cs/nse/research/software-systems-architecture-and-security/projects/ethical-hacking-1.1279219", "creation_timestamp": "2025-06-17T16:41:11.000000Z"} https://vulnerability.circl.lu/sighting/4dfaec70-0fde-4cae-92d4-d9ae3f340467/export Tue, 17 Jun 2025 16:41:11 +0000