https://vulnerability.circl.lu/sightings/feed 2026-05-10T05:23:34.863740+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/a0329bd0-3b1e-444c-8c25-c5657bbd729f/export 2026-05-10T05:23:35.035762+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "a0329bd0-3b1e-444c-8c25-c5657bbd729f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2972", "type": "seen", "source": "https://t.me/cvedetector/21541", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2972 - ConcreteCMS Page Attribute Display Block Handler Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2972 \nPublished : March 31, 2025, 3:15 a.m. | 1\u00a0hour, 27\u00a0minutes ago \nDescription : A vulnerability, which was classified as problematic, has been found in ConcreteCMS up to 9.3.9. Affected by this issue is some unknown functionality of the component Page Attribute Display Block Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"31 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T07:28:44.000000Z"} 2025-03-31T07:28:44+00:00 https://vulnerability.circl.lu/sighting/001163c7-f179-4dc5-8a91-a1ab048b73d6/export 2026-05-10T05:23:35.035658+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "001163c7-f179-4dc5-8a91-a1ab048b73d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29720", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114337567683853203", "content": "", "creation_timestamp": "2025-04-14T17:47:07.681784Z"} 2025-04-14T17:47:07.681784+00:00 https://vulnerability.circl.lu/sighting/0fe705a0-006f-4e03-8dfa-a0abec37b0cf/export 2026-05-10T05:23:35.035571+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "0fe705a0-006f-4e03-8dfa-a0abec37b0cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29720", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmsfw4vsux2q", "content": "", "creation_timestamp": "2025-04-14T20:33:49.755715Z"} 2025-04-14T20:33:49.755715+00:00 https://vulnerability.circl.lu/sighting/b00994c1-96b9-4ab6-827a-791e923309c3/export 2026-05-10T05:23:35.035445+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "b00994c1-96b9-4ab6-827a-791e923309c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29720", "type": "seen", "source": "https://t.me/cvedetector/22883", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-29720 - Dify SSRF\", \n \"Content\": \"CVE ID : CVE-2025-29720 \nPublished : April 14, 2025, 5:15 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : Dify v1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component controllers.console.remote_files.RemoteFileUploadApi. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"14 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-14T21:22:02.000000Z"} 2025-04-14T21:22:02+00:00 https://vulnerability.circl.lu/sighting/6b6be32c-7c02-455a-8853-e1e8f4ec7dbd/export 2026-05-10T05:23:35.035336+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "6b6be32c-7c02-455a-8853-e1e8f4ec7dbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "published-proof-of-concept", "source": "Telegram/EUjFtpfWmQCCiI3QE6k9fNf8U9NSLKRgk3MQ4WNVb8t4qx0", "content": "", "creation_timestamp": "2025-04-15T23:00:05.000000Z"} 2025-04-15T23:00:05+00:00 https://vulnerability.circl.lu/sighting/eee69e9a-2805-4e20-b6e3-fed85fd26b0c/export 2026-05-10T05:23:35.035231+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "eee69e9a-2805-4e20-b6e3-fed85fd26b0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12300", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29722\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A CSRF vulnerability in Commercify v1.0 allows remote attackers to perform unauthorized actions on behalf of authenticated users. The issue exists due to missing CSRF protection on sensitive endpoints.\n\ud83d\udccf Published: 2025-04-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T17:34:41.557Z\n\ud83d\udd17 References:\n1. https://github.com/yassmittal/Commercify\n2. https://github.com/cypherdavy/CVE-2025-29722", "creation_timestamp": "2025-04-17T17:57:35.000000Z"} 2025-04-17T17:57:35+00:00 https://vulnerability.circl.lu/sighting/e9ec7fc7-72e2-4865-97b3-d2f54aa493ba/export 2026-05-10T05:23:35.035136+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "e9ec7fc7-72e2-4865-97b3-d2f54aa493ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmzrqzscmr2l", "content": "", "creation_timestamp": "2025-04-17T18:54:29.538144Z"} 2025-04-17T18:54:29.538144+00:00 https://vulnerability.circl.lu/sighting/ba32ab97-d7cc-4d36-a441-ec18861caf7c/export 2026-05-10T05:23:35.035016+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "ba32ab97-d7cc-4d36-a441-ec18861caf7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "seen", "source": "https://t.me/cvedetector/23270", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-29722 - Commercify CSRF Weakness\", \n \"Content\": \"CVE ID : CVE-2025-29722 \nPublished : April 17, 2025, 6:15 p.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : A CSRF vulnerability in Commercify v1.0 allows remote attackers to perform unauthorized actions on behalf of authenticated users. The issue exists due to missing CSRF protection on sensitive endpoints. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T23:01:09.000000Z"} 2025-04-17T23:01:09+00:00 https://vulnerability.circl.lu/sighting/1a651481-c376-44e4-8cf0-e441b99dc10a/export 2026-05-10T05:23:35.034854+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "1a651481-c376-44e4-8cf0-e441b99dc10a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-09T13:26:56.000000Z"} 2025-08-09T13:26:56+00:00 https://vulnerability.circl.lu/sighting/11cf2a41-339c-4a75-a394-eee8c64976b7/export 2026-05-10T05:23:35.032893+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "11cf2a41-339c-4a75-a394-eee8c64976b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-11T18:47:38.000000Z"} 2025-08-11T18:47:38+00:00