<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-16T02:02:48.442042+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c0857f98-209f-4a40-88c2-fef6fad80ed5/export</id>
    <title>c0857f98-209f-4a40-88c2-fef6fad80ed5</title>
    <updated>2026-07-16T02:02:48.462524+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c0857f98-209f-4a40-88c2-fef6fad80ed5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33959", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10503", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-33959\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service.\n\ud83d\udccf Published: 2023-01-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-04T17:31:14.663Z\n\ud83d\udd17 References:\n1. https://www.freebuf.com/articles/web/260338.html\n2. https://github.com/lixiang957/CVE-2021-33959", "creation_timestamp": "2025-04-04T17:36:06.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c0857f98-209f-4a40-88c2-fef6fad80ed5/export"/>
    <published>2025-04-04T17:36:06+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c283cb4a-c048-4251-804f-657598eb184b/export</id>
    <title>c283cb4a-c048-4251-804f-657598eb184b</title>
    <updated>2026-07-16T02:02:48.465399+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c283cb4a-c048-4251-804f-657598eb184b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33950", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7967", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-33950\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue discovered in OpenKM v6.3.10 allows attackers to obtain sensitive information via the XMLTextExtractor function.\n\ud83d\udccf Published: 2023-02-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T18:32:19.377Z\n\ud83d\udd17 References:\n1. https://github.com/openkm/document-management-system/pull/288\n2. https://github.com/openkm/document-management-system/issues/287\n3. https://github.com/openkm/document-management-system/commit/ce1d82329615aea6aa9f2cc6508c1fe7891e34b5", "creation_timestamp": "2025-03-18T19:03:04.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c283cb4a-c048-4251-804f-657598eb184b/export"/>
    <published>2025-03-18T19:03:04+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9a3eb74b-95c9-4ef8-af02-1d2fe22b9346/export</id>
    <title>9a3eb74b-95c9-4ef8-af02-1d2fe22b9346</title>
    <updated>2026-07-16T02:02:48.465632+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9a3eb74b-95c9-4ef8-af02-1d2fe22b9346", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33950", "type": "seen", "source": "https://t.me/cibsecurity/58471", "content": "\u203c CVE-2021-33950 \u203c\n\nAn issue discovered in OpenKM v6.3.10 allows attackers to obtain sensitive information via the XMLTextExtractor function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T20:19:28.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9a3eb74b-95c9-4ef8-af02-1d2fe22b9346/export"/>
    <published>2023-02-17T20:19:28+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1cddc1e8-c89c-4a46-bde5-23268b9a7003/export</id>
    <title>1cddc1e8-c89c-4a46-bde5-23268b9a7003</title>
    <updated>2026-07-16T02:02:48.465798+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1cddc1e8-c89c-4a46-bde5-23268b9a7003", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33959", "type": "seen", "source": "https://t.me/cibsecurity/56665", "content": "\u203c CVE-2021-33959 \u203c\n\nPlex media server 1.21 and before is vulnerable to ddos reflection attack via plex service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T16:21:02.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1cddc1e8-c89c-4a46-bde5-23268b9a7003/export"/>
    <published>2023-01-18T16:21:02+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/668f8ac8-15bf-44f6-b04b-009ca24d2bf7/export</id>
    <title>668f8ac8-15bf-44f6-b04b-009ca24d2bf7</title>
    <updated>2026-07-16T02:02:48.465950+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "668f8ac8-15bf-44f6-b04b-009ca24d2bf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3395", "type": "seen", "source": "https://t.me/cibsecurity/22981", "content": "\u203c CVE-2021-3395 \u203c\n\nA cross-site scripting (XSS) vulnerability in Pryaniki 6.44.3 allows remote authenticated users to upload an arbitrary file. The JavaScript code will execute when someone visits the attachment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-03T00:55:47.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/668f8ac8-15bf-44f6-b04b-009ca24d2bf7/export"/>
    <published>2021-02-03T00:55:47+00:00</published>
  </entry>
</feed>
