{"vulnerability": "cve-2023-0386", "sightings": [{"uuid": "bd6d64cb-c761-43bb-b975-cc96b0afe7f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "cc825513-f403-4ba4-8299-6d3679664d09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:50.000000Z"}, {"uuid": "b10eb59a-a747-4f92-9be4-5870d58bce24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/hongybarrosz.bsky.social/post/3lry6liy4lc24", "content": "", "creation_timestamp": "2025-06-19T18:44:35.551279Z"}, {"uuid": "924e1335-be52-4157-a06d-33332f0c5b45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lrubkhgvsk2p", "content": "", "creation_timestamp": "2025-06-18T05:27:04.959941Z"}, {"uuid": "5607973a-34bb-49c1-bcaf-65841f778330", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lrubs5diq22x", "content": "", "creation_timestamp": "2025-06-18T05:31:19.069973Z"}, {"uuid": "885d06df-2154-46a6-b921-3883a13f6c71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lryehr3pmyu2", "content": "", "creation_timestamp": "2025-06-19T20:30:02.214740Z"}, {"uuid": "55a027ff-fc55-43de-8a09-ef7518256c0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lruk5awfjr2a", "content": "", "creation_timestamp": "2025-06-18T08:00:42.560274Z"}, {"uuid": "b2eef932-491b-43ea-a889-3dd9fd9ed0e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lruqbewmhbo2", "content": "", "creation_timestamp": "2025-06-18T09:54:11.554026Z"}, {"uuid": "aeb084f1-aa20-4daa-ac8d-bb1fb2cc2b8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-692bb08b-c15358b13768c37c", "content": "", "creation_timestamp": "2025-06-20T09:42:41.865652Z"}, {"uuid": "67747238-d2fb-4351-adfa-8effe103f29e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/114704040729422733", "content": "", "creation_timestamp": "2025-06-18T11:06:03.286358Z"}, {"uuid": "ce112e9d-56a0-4731-9f3b-c3aed27a3736", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lsbn4fri3pz2", "content": "", "creation_timestamp": "2025-06-23T12:58:47.843627Z"}, {"uuid": "31352b5f-ad87-47b8-adf0-61fc9cf1db78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lruxejmfvc2z", "content": "", "creation_timestamp": "2025-06-18T11:57:29.886042Z"}, {"uuid": "dbb0c5ce-b4d4-4cba-b203-fbf68db01d37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lruyt2r2422e", "content": "", "creation_timestamp": "2025-06-18T12:23:26.247625Z"}, {"uuid": "029daed2-4f56-4d0d-b78c-fce47b7a4329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/technology-news.bsky.social/post/3lruyurjv3m2q", "content": "", "creation_timestamp": "2025-06-18T12:24:23.873546Z"}, {"uuid": "4460436f-2ef7-40d5-9104-7813c4b32436", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3lrv2up6i4ki2", "content": "", "creation_timestamp": "2025-06-18T13:00:17.361651Z"}, {"uuid": "43be5a33-2b1c-4dfe-bd20-bd26ce39aa03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://thehackernews.com/2025/06/cisa-warns-of-active-exploitation-of.html", "content": "", "creation_timestamp": "2025-06-18T04:43:00.000000Z"}, {"uuid": "49680793-5dee-43e6-9579-8b2c721f1a4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-0386", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lrv373vee6a2", "content": "", "creation_timestamp": "2025-06-18T13:06:37.975775Z"}, {"uuid": "301e0242-1ce7-4f13-82c3-e10d4cb605cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-0386", "type": "seen", "source": "https://infosec.exchange/users/defendopsdiaries/statuses/114704754402276566", "content": "", "creation_timestamp": "2025-06-18T14:07:32.263780Z"}, {"uuid": "eed54da5-e7a5-471d-b084-ac3e5e0128d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lrv6qxyrts2m", "content": "", "creation_timestamp": "2025-06-18T14:09:39.133481Z"}, {"uuid": "887f4ed3-fb4e-4580-9270-f1675100b56d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lrva7dxoys2e", "content": "", "creation_timestamp": "2025-06-18T14:35:34.793901Z"}, {"uuid": "08a63602-421e-4d0c-9206-598b7391098d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lrzw75n7fhy2", "content": "", "creation_timestamp": "2025-06-20T11:19:54.724837Z"}, {"uuid": "f2bef062-b5b3-4bd0-b0ca-bb08f1cad06d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ls2ccbni7q52", "content": "", "creation_timestamp": "2025-06-20T14:56:24.713753Z"}, {"uuid": "8492b601-57d7-4d35-ac44-cb2b93dce1d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrvuygiwqs2q", "content": "", "creation_timestamp": "2025-06-18T20:47:46.637244Z"}, {"uuid": "e2058314-e0dd-45b7-9219-9cb94f83a903", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrvv5t6rvk2q", "content": "", "creation_timestamp": "2025-06-18T20:50:32.681385Z"}, {"uuid": "d5754fd1-9c7c-4e2e-828e-f422a9f89b3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrvvjn4e222q", "content": "", "creation_timestamp": "2025-06-18T20:57:16.083575Z"}, {"uuid": "60cf61a9-a0b3-4196-91c2-df26e46c9492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3ls2x7wfbbqy2", "content": "", "creation_timestamp": "2025-06-20T21:10:58.548221Z"}, {"uuid": "d8677a14-e6e3-4ed7-8d49-757928613189", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lrvvsyuu3u2u", "content": "", "creation_timestamp": "2025-06-18T21:02:24.024007Z"}, {"uuid": "cfccb5ca-52b6-4035-94e0-f32200fc8587", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/aimainainnu.bsky.social/post/3lrvxs75bu224", "content": "", "creation_timestamp": "2025-06-18T21:37:43.643787Z"}, {"uuid": "bc7578e0-0a09-4689-8eed-3f34dd4141a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lrvxt3hfy52g", "content": "", "creation_timestamp": "2025-06-18T21:38:12.923825Z"}, {"uuid": "e980617a-f922-4771-9606-62c45eeaae28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lrvxt6poig2p", "content": "", "creation_timestamp": "2025-06-18T21:38:15.640693Z"}, {"uuid": "97d50558-f9db-4245-b7b2-3ab8731a5b4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lrt2dnquym2z", "content": "", "creation_timestamp": "2025-06-17T17:45:16.794987Z"}, {"uuid": "b70397ad-796f-4920-9113-f7904bb545df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrw4dhe2fs22", "content": "", "creation_timestamp": "2025-06-18T22:58:59.379279Z"}, {"uuid": "0c7b1407-0aed-46ca-9fed-0b0309f1a8c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lrwhn24vjw2a", "content": "", "creation_timestamp": "2025-06-19T02:21:10.038955Z"}, {"uuid": "4b38cd4f-b891-487d-a99d-ad9d5d2ac7ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lse2vb5l5vf2", "content": "", "creation_timestamp": "2025-06-24T12:12:37.513721Z"}, {"uuid": "782604c5-27a7-41ca-bfa8-b06f1798c68f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lrx3y6h6w5j2", "content": "", "creation_timestamp": "2025-06-19T08:25:31.417922Z"}, {"uuid": "6a4ed17b-f1bd-4dbc-8bcd-10163303e9fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lrxaf5muhx2a", "content": "", "creation_timestamp": "2025-06-19T09:44:08.742126Z"}, {"uuid": "d821e44a-8d50-4837-b17a-886b4a78ad44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lrtblnohic25", "content": "", "creation_timestamp": "2025-06-17T19:55:01.776736Z"}, {"uuid": "5265a506-05d9-42bc-8ec3-e4f0e70b9807", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lrtc6ve7q723", "content": "", "creation_timestamp": "2025-06-17T20:05:47.203321Z"}, {"uuid": "5255a9b6-018c-49e1-8c9f-390ec963717c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/4240092", "content": "", "creation_timestamp": "2025-06-17T20:21:14.392886Z"}, {"uuid": "abbc127f-807a-469b-ab62-772550858542", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lseq2l32ulv2", "content": "", "creation_timestamp": "2025-06-24T18:30:30.882878Z"}, {"uuid": "7b50a06d-ea4a-4ba4-973a-3c7cf08b5dee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lrtptjgev22s", "content": "", "creation_timestamp": "2025-06-18T00:09:57.860289Z"}, {"uuid": "1825c634-04d2-40a0-8bc8-aeb0282a1803", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3lrxlskghrmw2", "content": "", "creation_timestamp": "2025-06-19T13:10:13.143548Z"}, {"uuid": "f6197f96-a329-4457-8e0a-de9662d6f8ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/it-connect.bsky.social/post/3lrxnuzfuln2f", "content": "", "creation_timestamp": "2025-06-19T13:45:40.194341Z"}, {"uuid": "c16046f0-fb3d-4c61-b1ce-a234db521d30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lru7y3sfjo2p", "content": "", "creation_timestamp": "2025-06-18T04:58:51.360095Z"}, {"uuid": "19de6a93-cc46-42fe-8634-b8ddbfe76ff9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "43aa4960-b47d-4a4c-9991-8208c3a1bb43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-28T08:23:31.000000Z"}, {"uuid": "ae3d5b00-52e7-428a-b0ad-ab286086c616", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-29T03:12:14.000000Z"}, {"uuid": "cc9c1098-72df-4385-b1e1-a2c840ababb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://bsky.app/profile/dasgeldco.bsky.social/post/3lyfkurauhp24", "content": "", "creation_timestamp": "2025-09-09T11:00:15.826205Z"}, {"uuid": "a1d857b2-4ded-4290-be81-a4b4bf7ac4a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://gist.github.com/Darkcrai86/aca6f141c1de8ee68b300c0d9cf484cd", "content": "", "creation_timestamp": "2025-11-19T15:04:07.000000Z"}, {"uuid": "f9d3092e-073d-4546-ab39-aa4a03cb199a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:51.000000Z"}, {"uuid": "c13e37d2-0391-40aa-8a40-1025d9df4e68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/cve_2023_0386_overlayfs_priv_esc.rb", "content": "", "creation_timestamp": "2024-09-26T19:31:49.000000Z"}, {"uuid": "3d4ba220-55ed-43ad-90a2-453ceb5637dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://gist.github.com/ghh-jb/61f35d015c4e180bbddcf324be113e26", "content": "", "creation_timestamp": "2026-02-27T07:25:02.000000Z"}, {"uuid": "427d1522-672d-4d1f-8266-20075b39da93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-0386", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/729ce6ab-308d-431d-89af-a5c2ff780c3e", "content": "", "creation_timestamp": "2026-02-02T12:25:58.627141Z"}, {"uuid": "8c35d2a2-5773-4eb1-bb23-d4f965a67fd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "exploited", "source": "https://t.me/CyberBulletin/3472", "content": "\u26a1\ufe0fCISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability.\n\nThe vulnerability, CVE-2023-0386 (CVSS score: 7.8), is an improper ownership bug in the Linux kernel that could be exploited to escalate privileges on susceptible systems. It was patched in early 2023.\n\n#CyberBulletin", "creation_timestamp": "2025-06-18T12:51:34.000000Z"}, {"uuid": "41f91202-7e3d-474c-82d5-f8879c7aa8ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "Telegram/gJycgIzp9-P92vGciMsmM3AHMS4pKCv2hOA6OUDdYjt7Zb4", "content": "", "creation_timestamp": "2023-05-30T11:00:21.000000Z"}, {"uuid": "7bf068f0-a266-4f35-8218-06d564aea37b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "exploited", "source": "Telegram/oyS5t2E86_OQiZAyGp85FZe9HT4MCXLxoteHjzWAXqT3Yz4", "content": "", "creation_timestamp": "2025-06-18T12:33:40.000000Z"}, {"uuid": "663953f5-e0d3-4fa3-9cfe-f7b69c22f260", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4304", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-0386 analysis and Exp\nURL\uff1ahttps://github.com/chenaotian/CVE-2023-0386\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-05-06T06:18:08.000000Z"}, {"uuid": "7edb9a57-be31-4766-8692-e11a14f5b0c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4290", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-0386\u5728ubuntu22.04\u4e0a\u7684\u63d0\u6743\nURL\uff1ahttps://github.com/xkaneiki/CVE-2023-0386\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-05-05T03:10:29.000000Z"}, {"uuid": "8c7911c4-6ca3-4d92-b27c-202006cd5670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4296", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aAn exploit of CVE-2023-0386, verified on 5.19.0-38-generic #39~22.04.1-Ubuntu\nURL\uff1ahttps://github.com/JlSakuya/CVE-2023-0386\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-05-05T12:50:12.000000Z"}, {"uuid": "b94caf68-f0c6-4e14-a920-49549f3ae1d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5370", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aThe OverlayFS vulnerability CVE-2023-0386\nURL\uff1ahttps://github.com/Rabie-el-hakouni/CVE-2023-0386\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-11T16:26:53.000000Z"}, {"uuid": "76d37b12-d625-48a3-aecc-990fdfe1fa73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4312", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-0386 EXP\nURL\uff1ahttps://github.com/CKevens/CVE-2023-0386\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-05-08T02:03:55.000000Z"}, {"uuid": "fae121e9-0e75-4d33-96ea-7a1fb5253cb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5528", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-0386\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel\u2019s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.\n\ud83d\udccf Published: 2023-03-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-26T16:05:24.670Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a\n2. https://security.netapp.com/advisory/ntap-20230420-0004/\n3. https://www.debian.org/security/2023/dsa-5402\n4. https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html\n5. http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html\n6. https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "creation_timestamp": "2025-02-26T16:24:21.000000Z"}, {"uuid": "af09d36f-27bb-4eb6-93a0-0e7704e8c540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18481", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-0386\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel\u2019s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.\n\ud83d\udccf Published: 2023-03-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-16T17:02:46.953Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a\n2. https://security.netapp.com/advisory/ntap-20230420-0004/\n3. https://www.debian.org/security/2023/dsa-5402\n4. https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html\n5. http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html\n6. https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "creation_timestamp": "2025-06-16T17:37:56.000000Z"}, {"uuid": "66c7970f-5fe2-4719-bd66-de0304afdf77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "Telegram/y0aqmKqPISFXaK6BYOX6gYFkEpF4DNtKoY_hRkn9BV7Wl58", "content": "", "creation_timestamp": "2026-04-23T15:00:08.000000Z"}, {"uuid": "fc57eecd-6c0e-404e-8499-955a177ab200", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "exploited", "source": "https://t.me/ics_cert/1195", "content": "CISA \u0631\u0633\u0645\u0627\u064b \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062e\u0637\u0631\u0646\u0627\u06a9 \u0647\u0633\u062a\u0647 \u0644\u06cc\u0646\u0648\u06a9\u0633 \u0631\u0627 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0641\u0639\u0627\u0644 \u0645\u0648\u0631\u062f \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u06a9\u0631\u062f.\n\n\ud83d\udea8 \u0622\u0698\u0627\u0646\u0633 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0622\u0645\u0631\u06cc\u06a9\u0627\u060c CISA\u060c \u06cc\u06a9 \u062d\u0641\u0631\u0647 \u062e\u0637\u0631\u0646\u0627\u06a9 \u062f\u0631 \u0647\u0633\u062a\u0647 \u0644\u06cc\u0646\u0648\u06a9\u0633 - CVE-2023-0386 - \u0631\u0627 \u0628\u0647 \u0641\u0647\u0631\u0633\u062a \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0641\u0639\u0627\u0644 \u0645\u0648\u0631\u062f \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0636\u0627\u0641\u0647 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a . \u0627\u06cc\u0646 \u06cc\u06a9 \u0627\u0634\u06a9\u0627\u0644 \u062f\u0631 \u0632\u06cc\u0631\u0633\u06cc\u0633\u062a\u0645 OverlayFS \u0627\u0633\u062a \u06a9\u0647 \u0647\u06a9\u0631\u0647\u0627 \u0628\u0647 \u0637\u0648\u0631 \u0641\u0639\u0627\u0644 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0648\u0627\u0642\u0639\u06cc \u0627\u0632 \u0622\u0646 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f\u060c \u0627\u06af\u0631\u0686\u0647 \u0648\u0635\u0644\u0647 \u0645\u0631\u0628\u0648\u0637\u0647 \u062f\u0631 \u0627\u0648\u0627\u06cc\u0644 \u0633\u0627\u0644 \u06f2\u06f0\u06f2\u06f3 \u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0647 \u0627\u0633\u062a.\n\n\u2699\ufe0f \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u0641\u0627\u06cc\u0644\u06cc \u0628\u0627 \u067e\u0631\u0686\u0645 SUID \u062f\u0631 \u062f\u0627\u06cc\u0631\u06a9\u062a\u0648\u0631\u06cc \u0645\u0627\u0646\u0646\u062f /tmp \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u062f \u0648 \u062d\u0642\u0648\u0642 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0631\u0628\u0631 \u0631\u06cc\u0634\u0647 \u0631\u0627 \u0628\u0647 \u062f\u0633\u062a \u0622\u0648\u0631\u062f. \u0627\u06cc\u0646 \u0631\u0648\u0634 \u062d\u0645\u0644\u0647 \u0622\u0646\u0642\u062f\u0631 \u0633\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646 \u0622\u0646 \u0631\u0627 \u0628\u0647 \u0631\u0627\u062d\u062a\u06cc \u062e\u0648\u062f\u06a9\u0627\u0631 \u06a9\u0631\u062f \u0648 \u062f\u0631 \u06a9\u0645\u067e\u06cc\u0646\u200c\u0647\u0627\u06cc \u0627\u0646\u0628\u0648\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0631\u062f - \u0627\u06cc\u0646 \u062f\u0642\u06cc\u0642\u0627\u064b \u0647\u0645\u0627\u0646 \u0686\u06cc\u0632\u06cc \u0627\u0633\u062a \u06a9\u0647 \u062a\u062d\u0642\u06cc\u0642\u0627\u062a Datadog \u0646\u0634\u0627\u0646 \u062f\u0627\u062f.\n\n\ud83d\udcc5 \u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u062e\u0637\u0631\u0627\u062a \u0641\u0632\u0627\u06cc\u0646\u062f\u0647\u060c CISA \u0628\u0647 \u0647\u0645\u0647 \u0622\u0698\u0627\u0646\u0633\u200c\u0647\u0627\u06cc \u0641\u062f\u0631\u0627\u0644 \u062f\u0633\u062a\u0648\u0631 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u062a\u0627 \u06f8 \u0698\u0648\u0626\u06cc\u0647 \u06f2\u06f0\u06f2\u06f5 \u0648\u0635\u0644\u0647\u200c\u0647\u0627 \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0646\u0646\u062f. \u0633\u0631\u0648\u0631\u0647\u0627\u06cc \u0639\u0645\u0648\u0645\u06cc\u060c \u067e\u0644\u062a\u0641\u0631\u0645\u200c\u0647\u0627\u06cc \u0627\u0628\u0631\u06cc \u0648 \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc CI/CD \u06a9\u0647 \u0628\u0647 \u0639\u0645\u0644\u06a9\u0631\u062f \u0635\u062d\u06cc\u062d \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645\u200c\u0647\u0627\u06cc \u062c\u062f\u0627\u0633\u0627\u0632\u06cc \u0644\u06cc\u0646\u0648\u06a9\u0633 \u0648\u0627\u0628\u0633\u062a\u0647 \u0647\u0633\u062a\u0646\u062f\u060c \u0628\u0647 \u0637\u0648\u0631 \u062e\u0627\u0635 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0647\u0633\u062a\u0646\u062f.\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR\n\u06af\u0631\u0648\u0647 \u0627\u06cc\u062a\u0627:\nhttps://eitaa.com/joinchat/1866007784Cfd023f90b2", "creation_timestamp": "2025-06-25T10:03:25.000000Z"}, {"uuid": "5a7ea5df-b7f8-4211-825c-7d0a8b5bdd5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/malwar3s/46", "content": "https://github.com/xkaneiki/CVE-2023-0386", "creation_timestamp": "2023-05-09T22:29:21.000000Z"}, {"uuid": "b4e68ba1-57d3-4d1b-b41d-5df4ccab52bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/linkersec/208", "content": "Privilege escalation exploit for CVE-2023-0386 in OverlayFS\n\nA privilege escalation exploit by xkaneiki for a logical bug in OverlayFS. Exploitation requires unprivileged user namespaces enabled.\n\nFollowing the exploit, Ryan Simon et al. published an article describing the exploitation process.", "creation_timestamp": "2023-05-25T19:15:19.000000Z"}, {"uuid": "2b9a73fa-c43a-4eff-a436-c4fde91bfedc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/kasperskyb2b/1780", "content": "\ud83d\udd04 \u041e\u043f\u0430\u0441\u043d\u044b\u0439 \u0434\u0435\u0444\u0435\u043a\u0442 udisks \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root \u043d\u0430 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0441\u0431\u043e\u0440\u043e\u043a Linux\n\n\u041d\u043e\u0432\u0430\u044f CVE-2025-6019 \u0432 Linux \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u0433\u043e \u0434\u043e root, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044f \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 libblockdev, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0443\u044e \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u0438 \u043a \u0434\u0435\u043c\u043e\u043d\u0443 udisks2 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0430 allow_active (\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c, \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438 \u0441\u0438\u0434\u044f\u0449\u0438\u0439 \u043f\u0435\u0440\u0435\u0434 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u043e\u043c). \u0425\u043e\u0442\u044f \u043a\u0430\u0436\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u044d\u0442\u043e \u0441\u0440\u0430\u0437\u0443 \u043f\u0435\u0440\u0435\u0432\u043e\u0434\u0438\u0442 \u0430\u0442\u0430\u043a\u0443 \u0432 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044e \u00ab\u0442\u043e\u043b\u044c\u043a\u043e \u0441 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c\u00bb, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043c\u043d\u043e\u0433\u043e \u0442\u0440\u044e\u043a\u043e\u0432, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0445 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c allow_active \u0434\u0438\u0441\u0442\u0430\u043d\u0446\u0438\u043e\u043d\u043d\u043e\u043c\u0443 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u2014 \u043e\u0442 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u0440\u043e\u0434\u0435 \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0451\u043d\u043d\u043e\u0439 CVE-2025-6018 \u0432 SUSE \u0434\u043e \u0443\u0433\u043e\u043d\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u0441\u0435\u0441\u0441\u0438\u0438.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u043e\u0447\u0442\u0438 \u0432\u0441\u0435 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u0441\u0431\u043e\u0440\u043a\u0438 (\u043a\u0440\u043e\u043c\u0435 \u043f\u043e\u0436\u0430\u043b\u0443\u0439 Arch) \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 udisks, \u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0448\u0438\u0440\u043e\u043a\u043e. PoC \u043f\u0440\u043e\u0432\u0435\u0440\u0435\u043d \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u043d\u0430 Ubuntu, Debian, Fedora \u0438 openSUSE. \u041f\u0440\u0430\u0432\u0434\u0430, \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0446\u0438\u044f\u0445 udisks \u0447\u0430\u0441\u0442\u043e \u0434\u0435\u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d, \u043d\u043e \u043c\u044b \u0436\u0435 \u0441\u0442\u0440\u0435\u043c\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u043c \u043d\u0430 *nix \u043d\u0430 \u0434\u0435\u0441\u043a\u0442\u043e\u043f\u0430\u0445, \u043f\u0440\u0430\u0432\u0434\u0430?\n\n\u0412 \u0446\u0435\u043b\u043e\u043c LPE \u0432 Linux-\u0441\u0440\u0435\u0434\u0430\u0445 \u2014 \u0442\u043e\u0432\u0430\u0440, \u0432\u043e\u0441\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043f\u0430\u0442\u0447\u0438\u0442\u044c\u0441\u044f \u043d\u0430\u0434\u043e \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e. \u0412\u043e\u0442 CISA \u043f\u043e\u0437\u0430\u0432\u0447\u0435\u0440\u0430 \u0432\u043a\u043b\u044e\u0447\u0438\u043b\u0430 \u0432 KEV \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044d\u0442\u043e\u0433\u043e \u0442\u0438\u043f\u0430, CVE-2023-0386.\n\n\u0422\u0430\u043c, \u0433\u0434\u0435 \u043f\u0430\u0442\u0447 \u0435\u0449\u0451 \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0438\u043b\u0438 \u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043d\u0435\u043b\u044c\u0437\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c, \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0439 \u043c\u0435\u0440\u043e\u0439 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0441\u043c\u0435\u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438: \n\ud83d\udca1\u043f\u0440\u0430\u0432\u0438\u043b\u043e polkit  \"org.freedesktop.udisks2.modify-device\" \u2014  \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0443 allow_active  yes \u27a1\ufe0f auth_admin\n\n#\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 #\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2025-06-19T06:40:12.000000Z"}, {"uuid": "2b02aa6e-a22c-4920-baa2-3002d798e58a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "exploited", "source": "Telegram/MGLqV8CP4ubA1g1QW4UwY6Ht-GqxXYbjuUa-NpJjm6emRw", "content": "", "creation_timestamp": "2025-06-18T11:11:14.000000Z"}, {"uuid": "86da2420-6eab-4de1-8807-cb4130338a9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "exploited", "source": "https://t.me/thehackernews/7017", "content": "\ud83d\udee0\ufe0f\ud83d\udd13 A critical Linux kernel flaw (CVE-2023-0386) is now confirmed actively exploited\u2014granting root access via a simple trick.\n\nCISA just added it to the KEV list. Agencies have until July 8 to fix it.\n\nDetails here \u2192 https://thehackernews.com/2025/06/cisa-warns-of-active-exploitation-of.html", "creation_timestamp": "2025-06-18T06:33:46.000000Z"}, {"uuid": "ec5f27c9-00e4-4781-9832-a5111fa25e60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://t.me/arpsyndicate/1081", "content": "#ExploitObserverAlert\n\nCVE-2023-0386\n\nDESCRIPTION: Exploit Observer has 50 entries related to CVE-2023-0386. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel\u2019s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-04T01:31:37.000000Z"}, {"uuid": "db8aa43f-0a7e-44d9-8e00-b95bf75f4661", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://t.me/arpsyndicate/787", "content": "#ExploitObserverAlert\n\nCVE-2023-0386\n\nDESCRIPTION: Exploit Observer has 51 entries related to CVE-2023-0386. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel\u2019s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-30T06:52:26.000000Z"}, {"uuid": "d3ccc4a8-ea68-41a5-9590-16dc25892370", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "Telegram/B_3vlUGGz0Qx6ertKji3nlKRofiERp5Nzl7-CaE3D8qaiA", "content": "", "creation_timestamp": "2023-05-06T17:26:37.000000Z"}, {"uuid": "8e75e39f-b98d-442e-899e-e137496db461", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/2173", "content": "CVE-2023-0386 - PoC Exploit Released for Linux Kernel Privilege Escalation\n\nLink\n\nExploit", "creation_timestamp": "2023-05-06T13:02:04.000000Z"}, {"uuid": "20e2ee6f-b56d-4b97-877e-b3a51d3d2518", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "Telegram/zUMosOVahjrvbfSki-OY0fLEr1wlqMze_KcW0hLaxiJVz6Xi", "content": "", "creation_timestamp": "2024-04-26T14:02:59.000000Z"}, {"uuid": "7a4a4d11-eae5-4820-ba51-256467a0cf5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2926", "content": "Tools - Hackers Factory \n\n\u200b\u200bsecurity-cheatsheets\n\nA collection of cheatsheets for various infosec tools and topics.\n\nhttps://github.com/andrewjkerr/security-cheatsheets\n\n#cybersecurity #infosec\n\n\u200b\u200bOffensive Security Notes\n\nNotes on learning Offensive Security from the ground up\n\nhttps://github.com/root-at-iyn/Offensive-Security\n\n#cybersecurity #infosec\n\n\u200b\u200bcoding_and_ctf\n\nCollection of notes/source code for self-study of offensive security.\n\nhttps://github.com/sanmiguella/coding_and_ctf\n\n#cybersecurity #infosec\n\n\u200b\u200bCobaltStrike beacon in rust\n\nhttps://github.com/b1tg/cobaltstrike-beacon-rust\n\n#infosec #pentesting #redteam\n\n\u200b\u200bOSWA Experience And Exam Preparation Guide\n\nMy Offensive Security OSWA certification experience and my personal opinion what helps in preparation for the exam.\n\nhttps://github.com/rndinfosecguy/OSWA-Experience-And-Exam-Preparation\n\n#cybersecurity #infosec\n\n\u200b\u200bOffensive-Security-Vault\n\nThis is a Personal Knowledge Management tools for taking and managing notes related Offensive Security in Obsidian.\n\nhttps://github.com/hackedbyagirl/Offensive-Security-Vault\n\n#cybersecurity #infosec\n\n\u200b\u200bMaskcat\n\nUtility tool for Hashcat Masks and Password Cracking.\n\nhttps://github.com/JakeWnuk/maskcat\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bSCCMHunter\n\nPost-ex tool built to streamline identifying, profiling &amp; attacking SCCM related assets in an AD domain.\n\nhttps://github.com/garrettfoster13/sccmhunter\n\n#infosec #pentesting #redteam\n\n\u200b\u200bOffsec\n\nOffensive security scripts and documentation.\n\nhttps://github.com/ville87/offsec\n\n#cybersecurity #infosec\n\n\u200b\u200bBHEH's XSSRocket\n\nXSS Rocket is written by Black Hat Ethical Hacking with the help of #ChatGPT as experimentation, with a lot of hours spent modifying the code generated by ChatGPT, and is designed for Offensive Security and XSS (Cross-Site Scripting) attacks.\n\nhttps://github.com/blackhatethicalhacking/XSSRocket\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bCVE-2023-0386\n\nLinux Kernel Privilege Escalation.\n\nhttps://github.com/xkaneiki/CVE-2023-0386\n\n#cybersecurity #infosec\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-05-05T15:52:05.000000Z"}, {"uuid": "c8071801-e51c-4d78-a734-f330a9bc6635", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "Telegram/J1pbr3Pk4w0CyYe0txbL_KmxswDQmfB8T-3bJQthGPk5bw", "content": "", "creation_timestamp": "2023-05-05T16:09:11.000000Z"}, {"uuid": "9f208739-4467-4811-8425-7c5ac2bcb5bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://t.me/proxy_bar/1490", "content": "CVE-2023-0386\nLinux Kernel Privilege Escalation\n*\nreadME\n*\nexploit\n\n#linux #exploit", "creation_timestamp": "2023-05-05T14:03:02.000000Z"}, {"uuid": "37985d17-3c87-40c8-b9c1-1cbed8316fbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "Telegram/AyHpwjm0UnmLhePUiSG0s_xlvI6qa97U-qFuurKEUoiNQd0", "content": "", "creation_timestamp": "2023-05-20T14:53:20.000000Z"}, {"uuid": "df0c0a1b-c3db-4fa2-956d-6d917363dcc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "Telegram/iCO3uwwZs9ek5LRSAkrcp4qOEXg5UPACmryqpsPa4D6Elaw", "content": "", "creation_timestamp": "2023-05-10T19:31:12.000000Z"}, {"uuid": "2cb175c5-8fa8-414b-bf8e-39ede446c909", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/4367", "content": "\u041d\u043e \u043d\u0430 \u044d\u0442\u043e\u043c \u0433\u043e\u043b\u043e\u0432\u043d\u0430\u044f \u0431\u043e\u043b\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Linux \u043d\u0435 \u0437\u0430\u043a\u0430\u043d\u0447\u0438\u0432\u0430\u0435\u0442\u0441\u044f. \n\n\u0415\u0441\u043b\u0438 \u0434\u043b\u044f \u0432\u044b\u0448\u0435\u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (CVE-2023-32233) \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0432\u044b\u0439\u0434\u0435\u0442 15 \u043c\u0430\u044f, \u0442\u043e \u0434\u043b\u044f \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2023-0386) \u0432 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0435 OverlayFS \u044f\u0434\u0440\u0430 Linux PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0443\u0436\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d.\n\n\u0418 \u043d\u0430 \u044d\u0442\u043e\u043c \u0444\u043e\u043d\u0435 \u0435\u0449\u0435 \u0431\u043e\u043b\u044c\u0448\u0438\u0439 \u0434\u0438\u0441\u0441\u043e\u043d\u0430\u043d\u0441 \u0432\u044b\u0437\u0432\u0430\u043b\u0430 Deep Instinct, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u043e \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0448\u0442\u0430\u043c\u043c\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0434\u043b\u044f Linux \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c BPFdoor.\n\n\u042d\u0442\u043e\u0442 \u043f\u0430\u0441\u0441\u0438\u0432\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u0441\u0442\u0432\u0430 \u0432\u043e \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u044f\u0445 \u0438 \u0441\u0440\u0435\u0434\u0430\u0445 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0438\u043e\u0434\u0430 \u0432\u0440\u0435\u043c\u0435\u043d\u0438.\n\n\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u043e \u0442\u0430\u043a\u043e\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e Berkley Packet Filter \u2014 \u0434\u043e\u0432\u043e\u043b\u044c\u043d\u043e \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u043f\u043e\u0441\u043e\u0431\u0430 \u0443\u043a\u043b\u043e\u043d\u0435\u043d\u0438\u044f \u043e\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430 \u043d\u0430 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0439 \u0442\u0440\u0430\u0444\u0438\u043a.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0437\u0430 BPFdoor \u043c\u043e\u0436\u0435\u0442 \u0441\u0442\u043e\u044f\u0442\u044c \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0430\u044f Red Menshen (\u0430\u043a\u0430 Red Dev 18).\n\n\u0413\u0440\u0443\u043f\u043f\u0430 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430\u0441\u044c \u0442\u0435\u043c, \u0447\u0442\u043e \u0441 2021 \u0433\u043e\u0434\u0430 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043b\u0430 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u043c, \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u043c, \u0442\u0435\u043b\u0435\u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u043c \u0438 \u043b\u043e\u0433\u0438\u0441\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0441\u0435\u043a\u0442\u043e\u0440\u0430\u0445 \u043d\u0430 \u0411\u043b\u0438\u0436\u043d\u0435\u043c \u0412\u043e\u0441\u0442\u043e\u043a\u0435 \u0438 \u0410\u0437\u0438\u0438.", "creation_timestamp": "2023-05-11T14:38:55.000000Z"}, {"uuid": "1f7045ad-564c-4873-bdfe-3b645964bfc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3400", "content": "CVE-2023-0386 | Linux Kernel Privilege Escalation\n\nEnables an attacker with low-privileged user access on a Linux machine with an overlay mount containing a file capability in one of its layers to escalate their privileges up to root. The attacker can achieve this by copying a capable file from a nosuid mount into another mount.\n\nDownload: https://system32.ink/news-feed/p/340/", "creation_timestamp": "2023-05-05T16:08:20.000000Z"}, {"uuid": "a375ce90-47de-41a4-8830-65584b9dd2fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1329", "content": "CVE-2023-0386: Linux LPE\n\nhttps://github.com/xkaneiki/CVE-2023-0386\n\n#exploit #git #lpe", "creation_timestamp": "2023-05-06T08:07:54.000000Z"}, {"uuid": "74cc20ec-1882-4a21-a6a5-509898fe854a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://t.me/cibsecurity/60523", "content": "\u203c CVE-2023-0386 \u203c\n\nA flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel\u00e2\u20ac\u2122s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-22T23:36:07.000000Z"}, {"uuid": "949fd636-8012-450a-8311-8433d420c308", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://t.me/reverse_dungeon/3168", "content": "\u0420\u0430\u0437\u0431\u043e\u0440 \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 OverlayFS (CVE-2023-0386) https://habr.com/p/739030/", "creation_timestamp": "2023-06-07T12:06:23.000000Z"}, {"uuid": "1a6cfd01-cda9-4243-a7bf-7a21eada8529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/551", "content": "https://github.com/xkaneiki/CVE-2023-0386\nubuntu22.04 \u7684\u63d0\u6743\n#\u63d0\u6743", "creation_timestamp": "2023-05-05T14:06:48.000000Z"}, {"uuid": "2402c31a-dfff-48c3-8299-e249bc94adf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8244", "content": "#exploit\n1. CVE-2023-0386:\nLinux Kernel LPE\nhttps://github.com/xkaneiki/CVE-2023-0386\n\n2. CVE-2023-30237:\nCyberGhost VPN client EoP vulnerability\nhttps://www.pentestpartners.com/security-blog/bullied-by-bugcrowd-over-kape-cyberghost-disclosure", "creation_timestamp": "2023-05-06T12:46:15.000000Z"}, {"uuid": "fe927f55-d2f1-4ab3-8bfb-d143090eeaa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8392", "content": "#Blue_Team_Techniques\n1. The OverlayFS vulnerability CVE-2023-0386:\nOverview, detection, and remediation\nhttps://securitylabs.datadoghq.com/articles/overlayfs-cve-2023-0386\n2. PoC for userland hook evasion\nhttps://github.com/S3cur3Th1sSh1t/Ruy-Lopez\n// PoC for a new approach to completely prevent DLLs from being loaded into a newly spawned process", "creation_timestamp": "2023-05-30T11:50:19.000000Z"}, {"uuid": "74ce2a86-03b2-4a6b-ab9d-c40a7a0807ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/5048", "content": "CVE-2023-0386 - PoC Exploit Released for Linux Kernel Privilege Escalation\n\nLink\n\nExploit\n\n#POC #exploit #linux \n\u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:24.000000Z"}, {"uuid": "28f1b658-a767-4f3a-a928-9952aadce8f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "Telegram/X3d0ov_B01fXeFh1HIc4iOWU-yKPAhiRlXClKZPas190B7A", "content": "", "creation_timestamp": "2026-06-11T09:00:04.000000Z"}, {"uuid": "e2a3a935-8fd3-4ce9-a04b-1c69fbf96981", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3d2887e7-1d8d-4eec-bf3d-640e9b02bc7f", "content": "", "creation_timestamp": "2026-06-19T12:45:30.289549Z"}, {"uuid": "36a534b1-74d8-4b1d-a7eb-496c05721d49", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/334108e7-de01-4ef1-8944-4f87f63a909e", "content": "", "creation_timestamp": "2026-06-23T14:03:55.114211Z"}, {"uuid": "71292371-89c1-49f2-9510-fae90065d04f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://gist.github.com/stillbigjosh/5a58fa426ea1b76221a6ce2ac9a909f6", "content": "#!/usr/bin/env bash\n# ==============================================================================\n# HTB CPTS Tool Installer \u2014 Parrot OS (HTB Edition)\n# Mirrors ~/tools directory structure from Kali box\n# Usage: bash install-tools.sh [target-dir]   (default: ~/tools)\n# ==============================================================================\n\nset -euo pipefail\n\nTOOLS_DIR=\"${1:-$HOME/tools}\"\nLOG_FILE=\"$TOOLS_DIR/install.log\"\n\nRED='\\033[0;31m'; GREEN='\\033[0;32m'; YELLOW='\\033[1;33m'; BLUE='\\033[0;34m'; NC='\\033[0m'\n\nlog()     { echo -e \"${GREEN}[+]${NC} $*\" | tee -a \"$LOG_FILE\"; }\nwarn()    { echo -e \"${YELLOW}[!]${NC} $*\" | tee -a \"$LOG_FILE\"; }\nerr()     { echo -e \"${RED}[-]${NC} $*\" | tee -a \"$LOG_FILE\"; }\nsection() { echo -e \"\\n${BLUE}[*] ===== $* =====${NC}\" | tee -a \"$LOG_FILE\"; }\n\n# ------------------------------------------------------------------------------\n# Helpers\n# ------------------------------------------------------------------------------\n\nclone() {\n    local name=\"$1\" url=\"$2\" dest=\"$3\"\n    if [ -d \"$dest/.git\" ]; then\n        warn \"$name already cloned \u2014 pulling latest\"\n        git -C \"$dest\" pull --quiet 2&gt;/dev/null || true\n    else\n        log \"Cloning $name...\"\n        if git clone --quiet --depth=1 \"$url\" \"$dest\" 2&gt;/dev/null; then\n            log \"$name cloned OK\"\n        else\n            err \"Failed to clone $name ($url)\"\n        fi\n    fi\n}\n\ndownload() {\n    local name=\"$1\" url=\"$2\" dest=\"$3\" exe=\"${4:-true}\"\n    if [ -f \"$dest\" ]; then\n        warn \"$name already exists \u2014 skipping\"\n        return\n    fi\n    log \"Downloading $name...\"\n    if curl -fsSL \"$url\" -o \"$dest\"; then\n        [ \"$exe\" = \"true\" ] &amp;&amp; chmod +x \"$dest\"\n        log \"$name downloaded OK\"\n    else\n        err \"Failed to download $name\"\n    fi\n}\n\ndownload_zip() {\n    local name=\"$1\" url=\"$2\" dest_dir=\"$3\"\n    log \"Downloading $name...\"\n    if curl -fsSL \"$url\" -o /tmp/_dl.zip &amp;&amp; unzip -q /tmp/_dl.zip -d \"$dest_dir\" &amp;&amp; rm -f /tmp/_dl.zip; then\n        log \"$name extracted OK\"\n    else\n        err \"Failed to download/extract $name\"\n        rm -f /tmp/_dl.zip\n    fi\n}\n\ndownload_tar() {\n    local name=\"$1\" url=\"$2\" dest_dir=\"$3\"\n    log \"Downloading $name...\"\n    if curl -fsSL \"$url\" | tar -xz -C \"$dest_dir\" 2&gt;/dev/null; then\n        log \"$name extracted OK\"\n    else\n        err \"Failed to download/extract $name\"\n    fi\n}\n\npip_install() {\n    local tool=\"$1\" path=\"$2\"\n    if [ -f \"$path/requirements.txt\" ]; then\n        log \"pip: installing requirements for $tool...\"\n        pip3 install -r \"$path/requirements.txt\" -q 2&gt;/dev/null || warn \"Some pip requirements failed for $tool\"\n    fi\n    if [ -f \"$path/setup.py\" ]; then\n        log \"pip: setup.py install for $tool...\"\n        pip3 install -e \"$path\" -q 2&gt;/dev/null || warn \"setup.py install failed for $tool\"\n    fi\n}\n\nbuild_make() {\n    local name=\"$1\" path=\"$2\"\n    if [ -f \"$path/Makefile\" ]; then\n        log \"make: building $name...\"\n        (cd \"$path\" &amp;&amp; make -s 2&gt;/dev/null) &amp;&amp; log \"$name built OK\" || warn \"$name make failed\"\n    fi\n}\n\nbuild_go() {\n    local name=\"$1\" path=\"$2\" out=\"${3:-$name}\"\n    if [ -f \"$path/go.mod\" ]; then\n        log \"go: building $name...\"\n        (cd \"$path\" &amp;&amp; go build -ldflags=\"-s -w\" -o \"$out\" . 2&gt;/dev/null) &amp;&amp; log \"$name built OK\" || warn \"$name go build failed\"\n    fi\n}\n\n# ==============================================================================\n# PREFLIGHT\n# ==============================================================================\n\npreflight() {\n    section \"Preflight\"\n\n    local missing=()\n    for cmd in git curl wget python3 pip3 go ruby gem make gcc unzip; do\n        command -v \"$cmd\" &amp;&gt;/dev/null || missing+=(\"$cmd\")\n    done\n\n    if [ ${#missing[@]} -gt 0 ]; then\n        warn \"Missing: ${missing[*]} \u2014 installing...\"\n        sudo apt-get update -qq 2&gt;/dev/null\n        sudo apt-get install -y git curl wget python3 python3-pip golang-go ruby ruby-dev \\\n            make gcc g++ libssl-dev libffi-dev python3-dev unzip libpcap-dev 2&gt;/dev/null || true\n    fi\n\n    log \"Creating directory structure...\"\n    mkdir -p \"$TOOLS_DIR\"/{Activedir,Payloads,Pivot}\n    mkdir -p \"$TOOLS_DIR\"/Recon/{Linux,Network,Web,Windows}\n    mkdir -p \"$TOOLS_DIR\"/Privesc/{Windows,Linux,App}\n    &gt; \"$LOG_FILE\"\n}\n\n# ==============================================================================\n# ACTIVE DIRECTORY\n# ==============================================================================\n\ninstall_activedir() {\n    section \"Active Directory Tools\"\n    local D=\"$TOOLS_DIR/Activedir\"\n\n    clone \"adidnsdump\"              \"https://github.com/dirkjanm/adidnsdump.git\"                                    \"$D/adidnsdump\"\n    pip_install \"adidnsdump\"        \"$D/adidnsdump\"\n\n    clone \"Certipy\"                 \"https://github.com/dru1d-foofus/Certipy\"                                       \"$D/Certipy\"\n    pip_install \"Certipy\"           \"$D/Certipy\"\n\n    clone \"CVE-2021-1675\"           \"https://github.com/cube0x0/CVE-2021-1675.git\"                                  \"$D/CVE-2021-1675\"\n\n    clone \"gMSADumper\"              \"https://github.com/micahvandeusen/gMSADumper.git\"                              \"$D/gMSADumper\"\n    pip_install \"gMSADumper\"        \"$D/gMSADumper\"\n\n    clone \"kerbrute\"                \"https://github.com/ropnop/kerbrute.git\"                                        \"$D/kerbrute\"\n    build_go \"kerbrute\"             \"$D/kerbrute\" \"kerbrute\"\n\n    clone \"krbrelayx\"               \"https://github.com/dirkjanm/krbrelayx.git\"                                     \"$D/krbrelayx\"\n    pip_install \"krbrelayx\"         \"$D/krbrelayx\"\n\n    clone \"NetNTLMtoSilverTicket\"   \"https://github.com/NotMedic/NetNTLMtoSilverTicket.git\"                         \"$D/NetNTLMtoSilverTicket\"\n\n    clone \"noPac\"                   \"https://github.com/Ridter/noPac.git\"                                           \"$D/noPac\"\n    pip_install \"noPac\"             \"$D/noPac\"\n\n    clone \"PassTheCert\"             \"https://github.com/AlmondOffSec/PassTheCert.git\"                               \"$D/PassTheCert\"\n\n    clone \"PetitPotam\"              \"https://github.com/topotam/PetitPotam.git\"                                     \"$D/PetitPotam\"\n\n    clone \"PKINITtools\"             \"https://github.com/dirkjanm/PKINITtools.git\"                                   \"$D/PKINITtools\"\n    pip_install \"PKINITtools\"       \"$D/PKINITtools\"\n\n    clone \"pywhisker\"               \"https://github.com/ShutdownRepo/pywhisker.git\"                                 \"$D/pywhisker\"\n    pip_install \"pywhisker\"         \"$D/pywhisker\"\n\n    clone \"Security-Assessment-PS\"  \"https://github.com/itzvenom/Security-Assessment-PS.git\"                        \"$D/Security-Assessment-PS\"\n\n    clone \"targetedKerberoast\"      \"https://github.com/ShutdownRepo/targetedKerberoast.git\"                        \"$D/targetedKerberoast\"\n    pip_install \"targetedKerberoast\" \"$D/targetedKerberoast\"\n\n    clone \"windapsearch\"            \"https://github.com/ropnop/windapsearch.git\"                                    \"$D/windapsearch\"\n    pip_install \"windapsearch\"      \"$D/windapsearch\"\n\n    # BloodHound CLI (precompiled)\n    if [ ! -f \"$D/bloodhound/bloodhound-cli\" ]; then\n        mkdir -p \"$D/bloodhound\"\n        local BH_URL\n        BH_URL=$(curl -fsSL \"https://api.github.com/repos/SpecterOps/BloodHound/releases/latest\" \\\n            | grep -o '\"browser_download_url\": *\"[^\"]*bloodhound-cli-linux-amd64\\.tar\\.gz\"' \\\n            | grep -o 'https://[^\"]*' | head -1)\n        if [ -n \"$BH_URL\" ]; then\n            download_tar \"BloodHound CLI\" \"$BH_URL\" \"$D/bloodhound\"\n            chmod +x \"$D/bloodhound/bloodhound-cli\" 2&gt;/dev/null || true\n        else\n            warn \"BloodHound CLI: could not resolve download URL \u2014 check github.com/SpecterOps/BloodHound/releases\"\n        fi\n    else\n        warn \"BloodHound CLI already present\"\n    fi\n\n    # Rubeus (precompiled \u2014 Ghostpack)\n    if [ ! -f \"$D/Rubeus/Rubeus.exe\" ]; then\n        mkdir -p \"$D/Rubeus\"\n        download \"Rubeus.exe\" \\\n            \"https://github.com/r3motecontrol/Ghostpack-CompiledBinaries/raw/master/Rubeus.exe\" \\\n            \"$D/Rubeus/Rubeus.exe\" \"false\"\n    else\n        warn \"Rubeus.exe already present\"\n    fi\n}\n\n# ==============================================================================\n# PAYLOADS\n# ==============================================================================\n\ninstall_payloads() {\n    section \"Payload Tools\"\n    local D=\"$TOOLS_DIR/Payloads\"\n\n    clone \"CVE-2023-36664 Ghostscript\" \"https://github.com/jakabakos/CVE-2023-36664-Ghostscript-command-injection.git\" \"$D/Ghostscript\"\n    clone \"nishang\"                    \"https://github.com/samratashok/nishang.git\"                                     \"$D/nishang\"\n    clone \"ntlm_theft\"                 \"https://github.com/Greenwolf/ntlm_theft.git\"                                    \"$D/ntlm_theft\"\n    clone \"php-reverse-shell\"          \"https://github.com/pentestmonkey/php-reverse-shell.git\"                         \"$D/php-reverse-shell\"\n    clone \"reverse_shell_splunk\"       \"https://github.com/0xjpuff/reverse_shell_splunk.git\"                            \"$D/reverse_shell_splunk\"\n    clone \"wwwolf-php-webshell\"        \"https://github.com/WhiteWinterWolf/wwwolf-php-webshell.git\"                     \"$D/wwwolf-php-webshell\"\n\n    # RunasCs (precompiled)\n    if [ ! -f \"$D/RunasCs/RunasCs.exe\" ]; then\n        mkdir -p \"$D/RunasCs\"\n        download_zip \"RunasCs\" \\\n            \"https://github.com/antonioCoco/RunasCs/releases/latest/download/RunasCs.zip\" \\\n            \"$D/RunasCs\"\n    else\n        warn \"RunasCs (Payloads) already present\"\n    fi\n\n    # ysoserial.net (precompiled)\n    if [ ! -f \"$D/ysoserial/ysoserial.exe\" ]; then\n        mkdir -p \"$D/ysoserial\"\n        local YSOS_URL\n        YSOS_URL=$(curl -fsSL \"https://api.github.com/repos/pwntester/ysoserial.net/releases/latest\" \\\n            | grep -o '\"browser_download_url\": *\"[^\"]*\\.zip\"' \\\n            | grep -o 'https://[^\"]*' | head -1)\n        if [ -n \"$YSOS_URL\" ]; then\n            download_zip \"ysoserial.net\" \"$YSOS_URL\" \"$D/ysoserial\"\n        else\n            warn \"ysoserial.net: could not resolve download URL \u2014 check github.com/pwntester/ysoserial.net/releases\"\n        fi\n    else\n        warn \"ysoserial already present\"\n    fi\n}\n\n# ==============================================================================\n# PIVOT / TUNNELING\n# ==============================================================================\n\ninstall_pivot() {\n    section \"Pivot / Tunneling Tools\"\n    local D=\"$TOOLS_DIR/Pivot\"\n\n    # chisel \u2014 build from source\n    clone \"chisel\" \"https://github.com/jpillora/chisel.git\" \"$D/chisel\"\n    build_go \"chisel\" \"$D/chisel\" \"chisel\"\n\n    # dnscat2 \u2014 Ruby server + C client\n    clone \"dnscat2\" \"https://github.com/iagox86/dnscat2.git\" \"$D/dnscat2\"\n    if [ -f \"$D/dnscat2/server/Gemfile\" ]; then\n        log \"Installing dnscat2 gems...\"\n        (cd \"$D/dnscat2/server\" &amp;&amp; gem install bundler -q 2&gt;/dev/null &amp;&amp; bundle install -q 2&gt;/dev/null) \\\n            || warn \"dnscat2 gem install failed\"\n    fi\n    if [ -f \"$D/dnscat2/client/Makefile\" ]; then\n        log \"Building dnscat2 C client...\"\n        (cd \"$D/dnscat2/client\" &amp;&amp; make -s 2&gt;/dev/null) &amp;&amp; log \"dnscat2 client built OK\" || warn \"dnscat2 client build failed\"\n    fi\n\n    clone \"dnscat2-powershell\" \"https://github.com/lukebaggett/dnscat2-powershell.git\" \"$D/dnscat2-powershell\"\n\n    # ptunnel-ng \u2014 build from source\n    clone \"ptunnel-ng\" \"https://github.com/utoni/ptunnel-ng.git\" \"$D/ptunnel-ng\"\n    if [ -f \"$D/ptunnel-ng/autogen.sh\" ]; then\n        log \"Building ptunnel-ng...\"\n        (cd \"$D/ptunnel-ng\" &amp;&amp; ./autogen.sh 2&gt;/dev/null &amp;&amp; make -s 2&gt;/dev/null) \\\n            &amp;&amp; log \"ptunnel-ng built OK\" || warn \"ptunnel-ng build failed\"\n    else\n        build_make \"ptunnel-ng\" \"$D/ptunnel-ng\"\n    fi\n\n    clone \"rpivot\" \"https://github.com/klsecservices/rpivot.git\" \"$D/rpivot\"\n\n    # ligolo-ng (precompiled \u2014 no public git repo with source in original)\n    local LIGOLO_DIR=\"$D/ligolo-ng\"\n    if [ ! -f \"$LIGOLO_DIR/proxy\" ]; then\n        mkdir -p \"$LIGOLO_DIR\"\n        local LIGOLO_VER\n        LIGOLO_VER=$(curl -fsSL \"https://api.github.com/repos/nicocha30/ligolo-ng/releases/latest\" \\\n            | grep '\"tag_name\"' | grep -o 'v[0-9.]*' | head -1)\n        LIGOLO_VER=\"${LIGOLO_VER:-v0.8.2}\"\n        log \"Downloading ligolo-ng $LIGOLO_VER...\"\n        download_tar \"ligolo-ng proxy (linux)\"  \\\n            \"https://github.com/nicocha30/ligolo-ng/releases/download/$LIGOLO_VER/ligolo-ng_proxy_${LIGOLO_VER#v}_linux_amd64.tar.gz\" \\\n            \"$LIGOLO_DIR\" || \\\n        download_tar \"ligolo-ng proxy (linux, alt URL)\" \\\n            \"https://github.com/nicocha30/ligolo-ng/releases/download/$LIGOLO_VER/ligolo-ng_proxy_linux_amd64.tar.gz\" \\\n            \"$LIGOLO_DIR\"\n        chmod +x \"$LIGOLO_DIR/proxy\" 2&gt;/dev/null || true\n\n        download_tar \"ligolo-ng agent (linux)\" \\\n            \"https://github.com/nicocha30/ligolo-ng/releases/download/$LIGOLO_VER/ligolo-ng_agent_${LIGOLO_VER#v}_linux_amd64.tar.gz\" \\\n            \"$LIGOLO_DIR\" || true\n        chmod +x \"$LIGOLO_DIR/agent\" 2&gt;/dev/null || true\n\n        download_zip \"ligolo-ng agent (windows)\" \\\n            \"https://github.com/nicocha30/ligolo-ng/releases/download/$LIGOLO_VER/ligolo-ng_agent_${LIGOLO_VER#v}_windows_amd64.zip\" \\\n            \"$LIGOLO_DIR\" || true\n    else\n        warn \"ligolo-ng already present\"\n    fi\n}\n\n# ==============================================================================\n# PRIVILEGE ESCALATION\n# ==============================================================================\n\ninstall_privesc() {\n    section \"Privilege Escalation Tools\"\n    local GHOSTPACK=\"https://github.com/r3motecontrol/Ghostpack-CompiledBinaries/raw/master\"\n\n    # ---- Windows ----\n    local DW=\"$TOOLS_DIR/Privesc/Windows\"\n\n    clone \"Windows-PrivEsc-Cookbook\"  \"https://github.com/nickvourd/Windows-Local-Privilege-Escalation-Cookbook.git\" \"$DW/Cookbook\"\n    clone \"EnableAllTokenPrivs\"       \"https://github.com/fashionproof/EnableAllTokenPrivs.git\"                       \"$DW/EnableAllTokenPrivs\"\n    clone \"EoPLoadDriver\"             \"https://github.com/TarlogicSecurity/EoPLoadDriver.git\"                         \"$DW/EoPLoadDriver\"\n    clone \"psgetsystem\"               \"https://github.com/decoder-it/psgetsystem.git\"                                 \"$DW/psgetsystem\"\n    clone \"RoguePlanet\"               \"https://github.com/MSNightmare/RoguePlanet.git\"                                \"$DW/RoguePlanet\"\n    clone \"SeTcbPrivilege_escalation\" \"https://github.com/mSameerMalik/SeTcbPrivilege_escalation.git\"                \"$DW/SeTcbPrivilege_escalation\"\n\n    # GodPotato\n    if [ ! -f \"$DW/GodPotato/GodPotato-NET4.exe\" ]; then\n        mkdir -p \"$DW/GodPotato\"\n        download \"GodPotato-NET4.exe\" \\\n            \"https://github.com/BeichenDream/GodPotato/releases/latest/download/GodPotato-NET4.exe\" \\\n            \"$DW/GodPotato/GodPotato-NET4.exe\" \"false\"\n    else\n        warn \"GodPotato already present\"\n    fi\n\n    # JuicyPotato\n    if [ ! -f \"$DW/JuicyPotato/JuicyPotato.exe\" ]; then\n        mkdir -p \"$DW/JuicyPotato\"\n        download \"JuicyPotato.exe\" \\\n            \"https://github.com/ohpe/juicy-potato/releases/latest/download/JuicyPotato.exe\" \\\n            \"$DW/JuicyPotato/JuicyPotato.exe\" \"false\"\n    else\n        warn \"JuicyPotato already present\"\n    fi\n\n    # PrintSpoofer\n    if [ ! -f \"$DW/PrintSpoofer/PrintSpoofer64.exe\" ]; then\n        mkdir -p \"$DW/PrintSpoofer\"\n        download \"PrintSpoofer64.exe\" \\\n            \"https://github.com/itm4n/PrintSpoofer/releases/latest/download/PrintSpoofer64.exe\" \\\n            \"$DW/PrintSpoofer/PrintSpoofer64.exe\" \"false\"\n        download \"PrintSpoofer32.exe\" \\\n            \"https://github.com/itm4n/PrintSpoofer/releases/latest/download/PrintSpoofer32.exe\" \\\n            \"$DW/PrintSpoofer/PrintSpoofer32.exe\" \"false\"\n    else\n        warn \"PrintSpoofer already present\"\n    fi\n\n    # FullPowers\n    if [ ! -f \"$DW/FullPowers/FullPowers.exe\" ]; then\n        mkdir -p \"$DW/FullPowers\"\n        download \"FullPowers.exe\" \\\n            \"https://github.com/itm4n/FullPowers/releases/latest/download/FullPowers.exe\" \\\n            \"$DW/FullPowers/FullPowers.exe\" \"false\"\n    else\n        warn \"FullPowers already present\"\n    fi\n\n    # RunasCs\n    if [ ! -f \"$DW/RunasCs/RunasCs.exe\" ]; then\n        mkdir -p \"$DW/RunasCs\"\n        download_zip \"RunasCs (Privesc)\" \\\n            \"https://github.com/antonioCoco/RunasCs/releases/latest/download/RunasCs.zip\" \\\n            \"$DW/RunasCs\"\n    else\n        warn \"RunasCs (Privesc) already present\"\n    fi\n\n    # Ghostpack binaries: Seatbelt, SharpUp, SharpChrome\n    for bin in Seatbelt.exe SharpUp.exe SharpChrome.exe; do\n        local bname=\"${bin%%.*}\"\n        mkdir -p \"$DW/$bname\"\n        if [ ! -f \"$DW/$bname/$bin\" ]; then\n            download \"$bin\" \"$GHOSTPACK/$bin\" \"$DW/$bname/$bin\" \"false\"\n        else\n        warn \"$bin already present\"\n    fi\n    done\n\n    # SeBackupPrivilege DLLs\n    if [ ! -f \"$DW/SeBackupPrivilege/SeBackupPrivilegeCmdLets.dll\" ]; then\n        mkdir -p \"$DW/SeBackupPrivilege\"\n        local SBP_BASE=\"https://github.com/giuliano108/SeBackupPrivilege/raw/master/SeBackupPrivilegeCmdLets/bin/Debug\"\n        download \"SeBackupPrivilegeCmdLets.dll\" \"$SBP_BASE/SeBackupPrivilegeCmdLets.dll\" \"$DW/SeBackupPrivilege/SeBackupPrivilegeCmdLets.dll\" \"false\"\n        download \"SeBackupPrivilegeUtils.dll\"   \"$SBP_BASE/SeBackupPrivilegeUtils.dll\"   \"$DW/SeBackupPrivilege/SeBackupPrivilegeUtils.dll\"   \"false\"\n    else\n        warn \"SeBackupPrivilege already present\"\n    fi\n\n    # LaZagne.exe (Windows)\n    if [ ! -f \"$DW/LaZagne/LaZagne.exe\" ]; then\n        mkdir -p \"$DW/LaZagne\"\n        download \"LaZagne.exe\" \\\n            \"https://github.com/AlessandroZ/LaZagne/releases/latest/download/LaZagne.exe\" \\\n            \"$DW/LaZagne/LaZagne.exe\" \"false\"\n    else\n        warn \"LaZagne.exe (Privesc/Windows) already present\"\n    fi\n\n    # ---- Linux ----\n    local DL=\"$TOOLS_DIR/Privesc/Linux\"\n\n    clone \"CVE-2021-3156 BaronSamedit\" \"https://github.com/blasty/CVE-2021-3156.git\"                          \"$DL/Baronsamedit\"\n    build_make \"CVE-2021-3156\"         \"$DL/Baronsamedit\"\n\n    clone \"CVE-2022-2588 DirtyCred\"    \"https://github.com/Markakd/CVE-2022-2588.git\"                         \"$DL/DirtyCred\"\n\n    clone \"CVE-2022-0847 DirtyPipe\"    \"https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits.git\"  \"$DL/DirtyPipe\"\n    build_make \"CVE-2022-0847\"         \"$DL/DirtyPipe\"\n\n    clone \"fail2ban exploit\"           \"https://github.com/rvizx/fail2ban.git\"                                 \"$DL/fail2ban\"\n\n    clone \"CVE-2023-2640 GameOverlay\"  \"https://github.com/g1vi/CVE-2023-2640-CVE-2023-32629.git\"             \"$DL/GameOverlay\"\n\n    clone \"CVE-2021-3493 OverlayFS\"    \"https://github.com/briskets/CVE-2021-3493.git\"                        \"$DL/OverlayFS-CVE-2021-3493\"\n    if [ -f \"$DL/OverlayFS-CVE-2021-3493/exploit.c\" ]; then\n        log \"Compiling CVE-2021-3493...\"\n        gcc \"$DL/OverlayFS-CVE-2021-3493/exploit.c\" -o \"$DL/OverlayFS-CVE-2021-3493/exploit\" 2&gt;/dev/null \\\n            &amp;&amp; log \"CVE-2021-3493 compiled OK\" || warn \"CVE-2021-3493 compile failed\"\n    fi\n\n    clone \"CVE-2023-0386 OverlayFS\"    \"https://github.com/xkaneiki/CVE-2023-0386\"                            \"$DL/OverlayFS-CVE-2023-0386\"\n    build_make \"CVE-2023-0386\"         \"$DL/OverlayFS-CVE-2023-0386\"\n\n    clone \"PwnKit\"                     \"https://github.com/ly4k/PwnKit\"                                        \"$DL/PwnKit\"\n    build_make \"PwnKit\"                \"$DL/PwnKit\"\n\n    clone \"CVE-2024-1086\"              \"https://github.com/Notselwyn/CVE-2024-1086\"                            \"$DL/use_after_free-CVE-2024-1086\"\n\n    # ---- App ----\n    clone \"Nexus-Sonatype-RCE\" \\\n        \"https://github.com/aaryan-11-x/Nexus-Sonatype-Repository-Manager-Groovy-Script-RCE-Authenticated-.git\" \\\n        \"$TOOLS_DIR/Privesc/App/Nexus-Sonatype-Repository-Manager\"\n}\n\n# ==============================================================================\n# RECON\n# ==============================================================================\n\ninstall_recon() {\n    section \"Reconnaissance Tools\"\n\n    # ---- Linux ----\n    local DL=\"$TOOLS_DIR/Recon/Linux\"\n\n    clone \"LaZagne\"          \"https://github.com/AlessandroZ/LaZagne.git\"              \"$DL/LaZagne\"\n    pip_install \"LaZagne\"    \"$DL/LaZagne\"\n\n    clone \"LinEnum\"          \"https://github.com/rebootuser/LinEnum.git\"               \"$DL/LinEnum\"\n    chmod +x \"$DL/LinEnum/LinEnum.sh\" 2&gt;/dev/null || true\n\n    clone \"linuxprivchecker\" \"https://github.com/sleventyeleven/linuxprivchecker.git\"  \"$DL/linuxprivchecker\"\n\n    clone \"mimipenguin\"      \"https://github.com/huntergregal/mimipenguin.git\"         \"$DL/mimipenguin\"\n    build_make \"mimipenguin\" \"$DL/mimipenguin\"\n\n    # linpeas (precompiled)\n    if [ ! -f \"$DL/linpeas/linpeas.sh\" ]; then\n        mkdir -p \"$DL/linpeas\"\n        download \"linpeas.sh\" \\\n            \"https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh\" \\\n            \"$DL/linpeas/linpeas.sh\"\n    else\n        warn \"linpeas already present\"\n    fi\n\n    # pspy (precompiled)\n    if [ ! -f \"$DL/pspy/pspy64\" ]; then\n        mkdir -p \"$DL/pspy\"\n        download \"pspy64\" \"https://github.com/DominicBreuker/pspy/releases/latest/download/pspy64\" \"$DL/pspy/pspy64\"\n        download \"pspy32\" \"https://github.com/DominicBreuker/pspy/releases/latest/download/pspy32\" \"$DL/pspy/pspy32\"\n    else\n        warn \"pspy already present\"\n    fi\n\n    # ---- Network ----\n    local DN=\"$TOOLS_DIR/Recon/Network\"\n\n    clone \"PCredz\"           \"https://github.com/lgandx/PCredz.git\"                   \"$DN/PCredz\"\n    pip_install \"PCredz\"     \"$DN/PCredz\"\n\n    # nmap static binary\n    if [ ! -f \"$DN/nmap-static-binary/nmap\" ]; then\n        mkdir -p \"$DN/nmap-static-binary\"\n        download \"nmap (static linux)\" \\\n            \"https://github.com/andrew-d/static-binaries/raw/master/binaries/linux/x86_64/nmap\" \\\n            \"$DN/nmap-static-binary/nmap\"\n        download \"nmap.exe (static win)\" \\\n            \"https://github.com/andrew-d/static-binaries/raw/master/binaries/windows/x86/nmap.exe\" \\\n            \"$DN/nmap-static-binary/nmap.exe\" \"false\"\n    else\n        warn \"nmap static binary already present\"\n    fi\n\n    # rustscan\n    if [ ! -f \"$DN/rustscan/rustscan\" ]; then\n        mkdir -p \"$DN/rustscan\"\n        log \"Downloading rustscan...\"\n        local RS_URL\n        RS_URL=$(curl -fsSL \"https://api.github.com/repos/RustScan/RustScan/releases/latest\" \\\n            | grep -o '\"browser_download_url\": *\"[^\"]*amd64\\.deb\"' \\\n            | grep -o 'https://[^\"]*' | head -1)\n        if [ -n \"$RS_URL\" ]; then\n            curl -fsSL \"$RS_URL\" -o /tmp/rustscan.deb \\\n                &amp;&amp; sudo dpkg -i /tmp/rustscan.deb \\\n                &amp;&amp; cp \"$(command -v rustscan)\" \"$DN/rustscan/rustscan\" 2&gt;/dev/null \\\n                &amp;&amp; rm -f /tmp/rustscan.deb \\\n                || warn \"rustscan install failed\"\n        else\n            warn \"rustscan: could not resolve .deb URL \u2014 check github.com/RustScan/RustScan/releases\"\n        fi\n    else\n        warn \"rustscan already present\"\n    fi\n\n    # ---- Web ----\n    local DW=\"$TOOLS_DIR/Recon/Web\"\n\n    clone \"Bashfuscator\"      \"https://github.com/Bashfuscator/Bashfuscator\"           \"$DW/Bashfuscator\"\n    pip_install \"Bashfuscator\" \"$DW/Bashfuscator\"\n\n    clone \"FinalRecon\"        \"https://github.com/thewhiteh4t/FinalRecon.git\"          \"$DW/FinalRecon\"\n    pip_install \"FinalRecon\"  \"$DW/FinalRecon\"\n\n    clone \"liffy\"             \"https://github.com/mzfr/liffy.git\"                      \"$DW/liffy\"\n    pip_install \"liffy\"       \"$DW/liffy\"\n\n    clone \"Security-Wordlist\" \"https://github.com/DragonJAR/Security-Wordlist.git\"     \"$DW/Security-Wordlist\"\n\n    clone \"subbrute\"          \"https://github.com/TheRook/subbrute.git\"                \"$DW/subbrute\"\n\n    clone \"username-anarchy\"  \"https://github.com/urbanadventurer/username-anarchy.git\" \"$DW/username-anarchy\"\n\n    clone \"XSStrike\"          \"https://github.com/s0md3v/XSStrike.git\"                 \"$DW/XSStrike\"\n    pip_install \"XSStrike\"    \"$DW/XSStrike\"\n\n    # Aquatone (precompiled)\n    if [ ! -f \"$DW/Aquatone/aquatone\" ]; then\n        mkdir -p \"$DW/Aquatone\"\n        local AQ_URL\n        AQ_URL=$(curl -fsSL \"https://api.github.com/repos/michenriksen/aquatone/releases/latest\" \\\n            | grep -o '\"browser_download_url\": *\"[^\"]*linux_amd64[^\"]*\\.zip\"' \\\n            | grep -o 'https://[^\"]*' | head -1)\n        if [ -n \"$AQ_URL\" ]; then\n            download_zip \"aquatone\" \"$AQ_URL\" \"$DW/Aquatone\"\n            chmod +x \"$DW/Aquatone/aquatone\" 2&gt;/dev/null || true\n        else\n            warn \"aquatone: could not resolve download URL\"\n        fi\n    else\n        warn \"aquatone already present\"\n    fi\n\n    # ---- Windows ----\n    local DWWIN=\"$TOOLS_DIR/Recon/Windows\"\n    local GHOSTPACK=\"https://github.com/r3motecontrol/Ghostpack-CompiledBinaries/raw/master\"\n\n    for bin in Seatbelt.exe SharpChrome.exe SharpUp.exe; do\n        if [ ! -f \"$DWWIN/$bin\" ]; then\n            download \"$bin\" \"$GHOSTPACK/$bin\" \"$DWWIN/$bin\" \"false\"\n        else\n        warn \"$bin (Recon/Windows) already present\"\n    fi\n    done\n\n    # LaZagne.exe (Windows recon copy)\n    if [ ! -f \"$DWWIN/LaZagne.exe\" ]; then\n        download \"LaZagne.exe (Recon/Windows)\" \\\n            \"https://github.com/AlessandroZ/LaZagne/releases/latest/download/LaZagne.exe\" \\\n            \"$DWWIN/LaZagne.exe\" \"false\"\n    else\n        warn \"LaZagne.exe (Recon/Windows) already present\"\n    fi\n}\n\n# ==============================================================================\n# SUMMARY\n# ==============================================================================\n\nprint_summary() {\n    section \"Installation Complete\"\n    log \"Tools installed to: $TOOLS_DIR\"\n    log \"Log file: $LOG_FILE\"\n\n    local warns errors\n    warns=$(grep -c '^\\[!\\]' \"$LOG_FILE\" 2&gt;/dev/null || echo 0)\n    errors=$(grep -c '^\\[-\\]' \"$LOG_FILE\" 2&gt;/dev/null || echo 0)\n\n    echo \"\"\n    echo -e \"${YELLOW}Warnings:${NC} $warns  ${RED}Errors:${NC} $errors\"\n    echo \"\"\n    if [ \"$errors\" -gt 0 ]; then\n        echo -e \"${RED}Failed installs:${NC}\"\n        grep '^\\[-\\]' \"$LOG_FILE\"\n    fi\n    echo \"\"\n    echo -e \"${YELLOW}NOTE:${NC} Windows .exe files are ready to transfer to target hosts.\"\n    echo -e \"${YELLOW}NOTE:${NC} Python tools with venvs may need: python3 -m venv venv &amp;&amp; pip3 install -r requirements.txt\"\n    echo -e \"${YELLOW}NOTE:${NC} Some C exploits may need kernel-version-specific recompilation on target.\"\n}\n\n# ==============================================================================\n# MAIN\n# ==============================================================================\n\nmain() {\n    echo -e \"${BLUE}\"\n    cat &lt;&lt;'BANNER'\n  \u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557\n  \u2551   HTB CPTS Tool Installer \u2014 Parrot OS (HTB Edition)  \u2551\n  \u255a\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255d\nBANNER\n    echo -e \"  Tools Dir : $TOOLS_DIR\"\n    echo -e \"  Log File  : $LOG_FILE${NC}\"\n    echo \"\"\n\n    preflight\n    install_activedir\n    install_payloads\n    install_pivot\n    install_privesc\n    install_recon\n    print_summary\n}\n\nmain \"$@\"\n", "creation_timestamp": "2026-07-01T20:11:33.835545Z"}, {"uuid": "4111b000-6b42-415b-8289-f04f235bca2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://t.me/GithubRedTeam/92560", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #RCE #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a TwoMillion-HTB-Write-up\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Cosm3No1de\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a HTML\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-08 18:57:15\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nWrite-up completo de la m\u00e1quina TwoMillion de Hack The Box. Enumeraci\u00f3n web, explotaci\u00f3n de API, escalada a admin, inyecci\u00f3n de comandos (RCE), reverse shell y escalada a root mediante CVE-2023-0386 (OverlayFS + FUSE). T\u00e9cnicas de pentesting aplicadas en un entorno controlado.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:07.363154Z"}, {"uuid": "1d8d0a54-8c8f-4d6d-a7e8-a6818945fe5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://t.me/GithubRedTeam/92560", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #RCE #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a TwoMillion-HTB-Write-up\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Cosm3No1de\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a HTML\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-08 18:57:15\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nWrite-up completo de la m\u00e1quina TwoMillion de Hack The Box. Enumeraci\u00f3n web, explotaci\u00f3n de API, escalada a admin, inyecci\u00f3n de comandos (RCE), reverse shell y escalada a root mediante CVE-2023-0386 (OverlayFS + FUSE). T\u00e9cnicas de pentesting aplicadas en un entorno controlado.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:10.665862Z"}, {"uuid": "b78fc918-2f5b-49a3-899a-0ab37dfb1292", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/92560", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #RCE #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a TwoMillion-HTB-Write-up\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Cosm3No1de\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a HTML\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-07-08 18:57:15\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nWrite-up completo de la m\u00e1quina TwoMillion de Hack The Box. Enumeraci\u00f3n web, explotaci\u00f3n de API, escalada a admin, inyecci\u00f3n de comandos (RCE), reverse shell y escalada a root mediante CVE-2023-0386 (OverlayFS + FUSE). T\u00e9cnicas de pentesting aplicadas en un entorno controlado.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:32.972840Z"}, {"uuid": "c08b1002-23e3-4519-b1d6-9adc337c5a45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "Telegram/uxGFUVPy3TOzkodNgeg8vepR-kYpq91Dg5jOn-NGrDlDjCc", "content": "", "creation_timestamp": "2026-07-16T19:00:16.249108Z"}, {"uuid": "0029bf21-22a6-4796-a51c-863a0b497766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "Telegram/V5mTmbk9lnTnZ4jN3rhRcXNWqgo23Po-CHoFPn2rBCSBzO0", "content": "", "creation_timestamp": "2026-07-16T19:00:28.089757Z"}, {"uuid": "8edba36b-56cc-4148-ad91-bf43b582498f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "Telegram/uxGFUVPy3TOzkodNgeg8vepR-kYpq91Dg5jOn-NGrDlDjCc", "content": "", "creation_timestamp": "2026-07-17T00:00:31.692434Z"}, {"uuid": "00650ed1-b852-45f5-9b38-afc1fe605d5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "Telegram/V5mTmbk9lnTnZ4jN3rhRcXNWqgo23Po-CHoFPn2rBCSBzO0", "content": "", "creation_timestamp": "2026-07-17T00:00:44.985820Z"}, {"uuid": "3f1e54f7-2e65-44fb-87af-642bc98407b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "Telegram/uxGFUVPy3TOzkodNgeg8vepR-kYpq91Dg5jOn-NGrDlDjCc", "content": "", "creation_timestamp": "2026-07-18T00:00:41.137293Z"}, {"uuid": "8567d952-d3a2-43a4-9165-dc305de6afc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "Telegram/V5mTmbk9lnTnZ4jN3rhRcXNWqgo23Po-CHoFPn2rBCSBzO0", "content": "", "creation_timestamp": "2026-07-18T01:00:03.598130Z"}, {"uuid": "512b9177-050a-4ba1-a463-9bdd54c7dc60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0386", "type": "published-proof-of-concept", "source": "Telegram/V5mTmbk9lnTnZ4jN3rhRcXNWqgo23Po-CHoFPn2rBCSBzO0", "content": "", "creation_timestamp": "2026-07-19T00:00:41.253430Z"}]}