{"vulnerability": "cve-2024-5596", "sightings": [{"uuid": "c5f2c6aa-919a-4bb5-8184-ded7216a8b30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55969", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113654671580362717", "content": "", "creation_timestamp": "2024-12-15T03:17:40.131400Z"}, {"uuid": "205960cd-ad78-425a-addf-23f93e0a417b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "https://gist.github.com/nscan9/a31982c90ab40a8e00373bf15efbf52a", "content": "", "creation_timestamp": "2025-01-09T19:23:03.000000Z"}, {"uuid": "988d5e65-d191-4944-9e10-397f3e2e92ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113908135045749117", "content": "", "creation_timestamp": "2025-01-28T21:36:45.663342Z"}, {"uuid": "20edfc6e-b34d-46b4-b7e7-6ade5d093596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgti67rt542e", "content": "", "creation_timestamp": "2025-01-28T22:15:38.631709Z"}, {"uuid": "2093a37d-f232-4b47-bb33-f0c6749b0a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgtl72p3662u", "content": "", "creation_timestamp": "2025-01-28T23:09:51.828680Z"}, {"uuid": "fe119730-8348-42ea-a47e-b008904f82ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lldhdfoxav2t", "content": "", "creation_timestamp": "2025-03-27T04:24:01.972532Z"}, {"uuid": "14ac28cf-c8d7-4915-a30e-21ad3d39bc12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113912662928597537", "content": "", "creation_timestamp": "2025-01-29T16:48:26.708382Z"}, {"uuid": "0f7eac50-52a9-444c-a680-c4ea4e0dbd55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lgvujjzk6f2o", "content": "", "creation_timestamp": "2025-01-29T21:02:05.514729Z"}, {"uuid": "e88944ed-f995-4fb8-a440-315538625c00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "seen", "source": "https://bsky.app/profile/cyberresearch.bsky.social/post/3lla7giapmn2p", "content": "", "creation_timestamp": "2025-03-25T21:24:36.287214Z"}, {"uuid": "d482d026-c95c-4437-984e-3c42c5b56d9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3ll7su2ssvy2a", "content": "", "creation_timestamp": "2025-03-25T17:39:32.499357Z"}, {"uuid": "3cef0a39-304c-4f8c-90a8-c17eb51c1739", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3ll7ppfyype2q", "content": "", "creation_timestamp": "2025-03-25T16:43:16.676769Z"}, {"uuid": "ea2f0e0c-c696-41a5-a477-fe4319e07a8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llzctfbrqb2v", "content": "", "creation_timestamp": "2025-04-04T21:02:08.424318Z"}, {"uuid": "c6fa612b-4560-4bbf-893a-b718e0417b7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:32.000000Z"}, {"uuid": "217cf432-2509-431e-adf1-d861125f3b5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "94164c2d-2f13-481d-8236-bb91daae4e52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55964", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "4d2f1471-57d4-4803-a286-55862dbaf2c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "seen", "source": "MISP/3e4b778d-5810-4171-a915-f1d106684af4", "content": "", "creation_timestamp": "2025-08-11T18:27:48.000000Z"}, {"uuid": "4151f18b-601f-461e-bbfa-9b99abe54678", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/appsmith_rce_cve_2024_55964.rb", "content": "", "creation_timestamp": "2025-04-07T14:00:17.000000Z"}, {"uuid": "f4c18299-919d-4c64-89a8-76c7e97d2fd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:06.000000Z"}, {"uuid": "52e1124c-7437-43a8-a7b2-ceec621d03d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55968", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9472", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExploit POC Code for CVE-2024-55968\nURL\uff1ahttps://github.com/Wi1DN00B/CVE-2024-55968\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-17T21:16:24.000000Z"}, {"uuid": "48cda5af-a46a-4efa-bf35-aa565d05fd2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55964", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/appsmith_rce_cve_2024_55964.rb", "content": "", "creation_timestamp": "2025-04-07T14:00:17.000000Z"}, {"uuid": "26a34b50-769a-4f52-9feb-45455c04208f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55964", "type": "seen", "source": "https://t.me/cvedetector/21220", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55964 - Appsmith PostgreSQL Command Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-55964 \nPublished : March 26, 2025, 8:15 p.m. | 31\u00a0minutes ago \nDescription : An issue was discovered in Appsmith before 1.52. An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. The attacker must be able to access Appsmith, login to it, create a datasource, create a query against that datasource, and execute that query. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T22:15:26.000000Z"}, {"uuid": "e3b9443b-6622-4a37-88aa-56ff85110278", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "seen", "source": "https://t.me/cvedetector/21219", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55963 - Appsmith DoS: Unauthorized Server Restart\", \n  \"Content\": \"CVE ID : CVE-2024-55963 \nPublished : March 26, 2025, 8:15 p.m. | 31\u00a0minutes ago \nDescription : An issue was discovered in Appsmith before 1.51. A user on Appsmith that doesn't have admin permissions can trigger the restart API on Appsmith, causing a server restart. This is still within the Appsmith container, and the impact is limited to Appsmith's own server only, but there is a denial of service because it can be continually restarted. This is due to incorrect access control checks, which should check for super user permissions on the incoming request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T22:15:22.000000Z"}, {"uuid": "ce7372e2-c62c-4d10-9eb4-ed6a8c0606e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55968", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9471", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPOC for DTEX LPE (CVE-2024-55968)\nURL\uff1ahttps://github.com/null-event/CVE-2024-55968\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-17T21:12:14.000000Z"}, {"uuid": "f74eedee-1e46-472b-b779-33ce4d9a63bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "published-proof-of-concept", "source": "Telegram/ziOVGRU4cKcimSIJ_E6PMSYJvnmBXzqpvenCO7rqIs6XBvg", "content": "", "creation_timestamp": "2025-07-06T15:00:06.000000Z"}, {"uuid": "c70670c5-4bf9-471a-bb8a-4bfa9a2f8038", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55964", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8967", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55964\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Appsmith before 1.52. An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. The attacker must be able to access Appsmith, login to it, create a datasource, create a query against that datasource, and execute that query.\n\ud83d\udccf Published: 2025-03-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-26T20:07:25.669Z\n\ud83d\udd17 References:\n1. https://github.com/appsmithorg/appsmith/security/advisories/GHSA-m95x-4w54-gc83", "creation_timestamp": "2025-03-26T20:25:59.000000Z"}, {"uuid": "bd8154ff-971d-4249-9318-34e1db363b13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55968", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3306", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55968\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-01-28T22:15:15.860\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://github.com/Wi1DN00B/CVE-2024-55968\n2. https://github.com/null-event/CVE-2024-55968", "creation_timestamp": "2025-01-28T23:18:01.000000Z"}, {"uuid": "805c3214-c0cd-4cab-aa80-5ac0b91831a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55968", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3332", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55968\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service, responsible for handling privileged operations within the macOS DTEX Event Forwarder agent, fails to implement critical client validation during XPC interprocess communication (IPC). Specifically, the service does not verify the code requirements, entitlements, security flags, or version of any client attempting to establish a connection. This lack of proper logic validation allows malicious actors to exploit the service's methods via unauthorized client connections, and escalate privileges to root by abusing the DTConnectionHelperProtocol protocol's submitQuery method over an unauthorized XPC connection.\n\ud83d\udccf Published: 2025-01-29T00:31:54Z\n\ud83d\udccf Modified: 2025-01-29T00:31:54Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-55968\n2. https://github.com/Wi1DN00B/CVE-2024-55968\n3. https://github.com/null-event/CVE-2024-55968", "creation_timestamp": "2025-01-29T01:10:18.000000Z"}, {"uuid": "aed74147-9bd8-4b67-9d8c-51329966bb21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55965", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8959", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55965\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Appsmith before 1.51. Users invited as \"App Viewer\" incorrectly have access to development information of a workspace (specifically, a list of datasources in a workspace they're a member of). This information disclosure does not expose sensitive data in the datasources, such as database passwords and API Keys.\n\ud83d\udccf Published: 2025-03-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-26T20:12:18.796Z\n\ud83d\udd17 References:\n1. https://github.com/appsmithorg/appsmith/security/advisories/GHSA-794x-gm8v-2wj6", "creation_timestamp": "2025-03-26T20:25:48.000000Z"}, {"uuid": "80c7a882-bbd1-495a-a64c-dff83ce1b75d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8963", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55963\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Appsmith before 1.51. A user on Appsmith that doesn't have admin permissions can trigger the restart API on Appsmith, causing a server restart. This is still within the Appsmith container, and the impact is limited to Appsmith's own server only, but there is a denial of service because it can be continually restarted. This is due to incorrect access control checks, which should check for super user permissions on the incoming request.\n\ud83d\udccf Published: 2025-03-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-26T20:09:16.461Z\n\ud83d\udd17 References:\n1. https://github.com/appsmithorg/appsmith/security/advisories/GHSA-6mc8-hw5c-7qqr", "creation_timestamp": "2025-03-26T20:25:52.000000Z"}, {"uuid": "ce0119a9-d4c9-4f39-9f16-6d54caed4720", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "published-proof-of-concept", "source": "https://t.me/P0x3k_1N73LL1G3NC3/53", "content": "CVE-2024-55963: Unauthenticated RCE in Default-Install of Appsmith\n\nBlog: https://rhinosecuritylabs.com/research/cve-2024-55963-unauthenticated-rce-in-appsmith/", "creation_timestamp": "2025-03-26T04:51:22.000000Z"}, {"uuid": "7276137c-41fc-4034-a26f-a886034a2ef8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "published-proof-of-concept", "source": "Telegram/rldrVU4EbTTnPd8U3W40-F0FQeroqHkK7JRuQCr9iPTQCg8", "content": "", "creation_timestamp": "2025-07-06T03:00:04.000000Z"}, {"uuid": "95b75956-23ef-4087-ba94-7129d170190f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/3335", "content": "#exploit\n1. CVE-2024-55963:\nUnauth RCE in Default-Install of Appsmith\nhttps://rhinosecuritylabs.com/research/cve-2024-55963-unauthenticated-rce-in-appsmith\n\n2. CVE-2025-26909:\nLFI to RCE in WP Ghost Plugin\nhttps://github.com/zerodayx/cve-2025-26909\n\n3. CVE-2025-27840:\nVulnerability in ESP32 Microcontrollers\nhttps://github.com/demining/Bluetooth-Attacks-CVE-2025-27840", "creation_timestamp": "2025-03-31T18:38:27.000000Z"}, {"uuid": "0e3530d9-a0e0-4e2d-8fa9-b83a1e8029ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55969", "type": "seen", "source": "https://t.me/cvedetector/12951", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55969 - Syncfusion Essential Studio for ASP.NET MVC XML Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-55969 \nPublished : Dec. 15, 2024, 4:15 a.m. | 45\u00a0minutes ago \nDescription : DocIO in Syncfusion Essential Studio for ASP.NET MVC before 27.1.55 throws XMLException during the resaving of a DOCX document with an external reference XML, aka I640714. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-15T06:14:06.000000Z"}, {"uuid": "c26f09de-5f22-44bf-ab40-87740b0b85f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/445", "content": "Top Security News for Today\n\nAn Introduction to Data Masking in Privacy Engineering  \nhttps://www.tripwire.com/state-of-security/introduction-data-masking-privacy-engineering\n\nMAS Compliance 101: Key Regulations for Financial Institutions in Singapore  \nhttps://www.tripwire.com/state-of-security/mas-compliance-key-regulations-financial-institutions-singapore\n\nFrida 16.7.0 is out w/ brand new APIs for observing the lifecycles of threads and modules  \nhttps://www.reddit.com/r/netsec/comments/1jjg9kq/frida_1670_is_out_w_brand_new_apis_for_observing/\n\nReport on Paragon Spyware  \nhttps://www.schneier.com/blog/archives/2025/03/report-on-paragon-spyware.html\n\nCVE-2025-26633: How Water Gamayun Weaponizes MUIPath using MSC EvilTwin  \nhttps://www.trendmicro.com/en_us/research/25/c/cve-2025-26633-water-gamayun.html\n\nCVE-2024-55963: Unauthenticated RCE in Default-Install of Appsmith  \nhttps://www.reddit.com/r/netsec/comments/1jjnjam/cve202455963_unauthenticated_rce_in/\n\nFollow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2025-03-26T09:30:16.000000Z"}, {"uuid": "705d5414-cd9f-4acf-b1de-bcafd5397d2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55968", "type": "seen", "source": "https://t.me/cvedetector/16654", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55968 - DTEX DEC-M Escalation of Privileges and XPC Connection Manipulation\", \n  \"Content\": \"CVE ID : CVE-2024-55968 \nPublished : Jan. 28, 2025, 10:15 p.m. | 1\u00a0hour, 26\u00a0minutes ago \nDescription : An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service, responsible for handling privileged operations within the macOS DTEX Event Forwarder agent, fails to implement critical client validation during XPC interprocess communication (IPC). Specifically, the service does not verify the code requirements, entitlements, security flags, or version of any client attempting to establish a connection. This lack of proper logic validation allows malicious actors to exploit the service's methods via unauthorized client connections, and escalate privileges to root by abusing the DTConnectionHelperProtocol protocol's submitQuery method over an unauthorized XPC connection. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-29T01:29:08.000000Z"}, {"uuid": "e18dce83-1b08-409b-ad3b-5a45c1e1a340", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55965", "type": "seen", "source": "https://t.me/cvedetector/21244", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55965 - Appsmith Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-55965 \nPublished : March 26, 2025, 9:15 p.m. | 1\u00a0hour, 33\u00a0minutes ago \nDescription : An issue was discovered in Appsmith before 1.51. Users invited as \"App Viewer\" incorrectly have access to development information of a workspace (specifically, a list of datasources in a workspace they're a member of). This information disclosure does not expose sensitive data in the datasources, such as database passwords and API Keys. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T23:56:07.000000Z"}, {"uuid": "da2cb60f-6fb3-4086-9f7b-04eb75f00dcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "seen", "source": "https://t.me/CyberBulletin/2828", "content": "\u26a1CVE-2024-55963: Unauthenticated RCE in Default-Install of Appsmith.\n\n#CyberBulletin", "creation_timestamp": "2025-03-26T17:58:08.000000Z"}, {"uuid": "7094242b-a1f7-46c7-b41a-2745af09d5ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/8406", "content": "#exploit\n1. CVE-2024-55963:\nUnauth RCE in Default-Install of Appsmith\nhttps://rhinosecuritylabs.com/research/cve-2024-55963-unauthenticated-rce-in-appsmith\n\n2. CVE-2025-26909:\nLFI to RCE in WP Ghost Plugin\nhttps://github.com/zerodayx/cve-2025-26909\n\n3. CVE-2025-27840:\nVulnerability in ESP32 Microcontrollers\nhttps://github.com/demining/Bluetooth-Attacks-CVE-2025-27840", "creation_timestamp": "2025-03-31T18:38:27.000000Z"}, {"uuid": "f1a5dcc0-f130-42b1-b081-3d031f0551c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9758", "content": "CVE-2024-55963: Unauthenticated RCE in Default-Install of Appsmith\n\nhttps://rhinosecuritylabs.com/research/cve-2024-55963-unauthenticated-rce-in-appsmith/", "creation_timestamp": "2025-03-25T22:16:47.000000Z"}, {"uuid": "09eaa7f2-1d87-44c7-81aa-1b696474426a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55963", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11988", "content": "#exploit\n1. CVE-2024-55963:\nUnauth RCE in Default-Install of Appsmith\nhttps://rhinosecuritylabs.com/research/cve-2024-55963-unauthenticated-rce-in-appsmith\n\n2. CVE-2025-26909:\nLFI to RCE in WP Ghost Plugin\nhttps://github.com/zerodayx/cve-2025-26909\n\n3. CVE-2025-27840:\nVulnerability in ESP32 Microcontrollers\nhttps://github.com/demining/Bluetooth-Attacks-CVE-2025-27840", "creation_timestamp": "2025-03-31T12:29:08.000000Z"}]}