https://vulnerability.circl.lu/sightings/feed 2026-05-09T08:50:06.257107+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/b91658ff-0d77-4eb1-8596-148af8d8698d/export 2026-05-09T08:50:06.434815+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "b91658ff-0d77-4eb1-8596-148af8d8698d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31722", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114270096822737774", "content": "", "creation_timestamp": "2025-04-02T19:48:24.854468Z"} 2025-04-02T19:48:24.854468+00:00 https://vulnerability.circl.lu/sighting/4298b97b-e83d-4bab-8741-d0e2b7b4939d/export 2026-05-09T08:50:06.434656+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "4298b97b-e83d-4bab-8741-d0e2b7b4939d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3172", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10297", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3172\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in Project Worlds Online Lawyer Management System 1.0. This issue affects some unknown processing of the file /lawyer_booking.php. The manipulation of the argument unblock_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-03T18:00:16.848Z\n\ud83d\udccf Modified: 2025-04-03T18:13:30.885Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303131\n2. https://vuldb.com/?ctiid.303131\n3. https://vuldb.com/?submit.543274\n4. https://github.com/p1026/CVE/issues/6", "creation_timestamp": "2025-04-03T18:35:24.000000Z"} 2025-04-03T18:35:24+00:00 https://vulnerability.circl.lu/sighting/4066cf26-71ba-4d42-9411-80fdfc9cb768/export 2026-05-09T08:50:06.434500+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "4066cf26-71ba-4d42-9411-80fdfc9cb768", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31728", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10342", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31728\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Jenkins AsakusaSatellite Plugin 0.1.1 and earlier does not mask AsakusaSatellite API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them.\n\ud83d\udccf Published: 2025-04-02T14:59:54.247Z\n\ud83d\udccf Modified: 2025-04-03T20:20:27.891Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3523", "creation_timestamp": "2025-04-03T20:35:48.000000Z"} 2025-04-03T20:35:48+00:00 https://vulnerability.circl.lu/sighting/e9e5ef18-d9e6-435c-adaa-860239c21b1e/export 2026-05-09T08:50:06.434345+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "e9e5ef18-d9e6-435c-adaa-860239c21b1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31727", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10344", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31727\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Jenkins AsakusaSatellite Plugin 0.1.1 and earlier stores AsakusaSatellite API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.\n\ud83d\udccf Published: 2025-04-02T14:59:53.687Z\n\ud83d\udccf Modified: 2025-04-03T20:19:52.127Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3523", "creation_timestamp": "2025-04-03T20:35:49.000000Z"} 2025-04-03T20:35:49+00:00 https://vulnerability.circl.lu/sighting/33cb2490-d0d3-4706-aba3-817496374f15/export 2026-05-09T08:50:06.434192+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "33cb2490-d0d3-4706-aba3-817496374f15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31726", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10345", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31726\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Jenkins Stack Hammer Plugin 1.0.6 and earlier stores Stack Hammer API keys unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.\n\ud83d\udccf Published: 2025-04-02T14:59:53.108Z\n\ud83d\udccf Modified: 2025-04-03T20:19:11.827Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3520", "creation_timestamp": "2025-04-03T20:35:50.000000Z"} 2025-04-03T20:35:50+00:00 https://vulnerability.circl.lu/sighting/5eacff7a-1636-4cd4-857c-7ba152de8576/export 2026-05-09T08:50:06.434030+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "5eacff7a-1636-4cd4-857c-7ba152de8576", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31725", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10346", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31725\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Jenkins monitor-remote-job Plugin 1.0 stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.\n\ud83d\udccf Published: 2025-04-02T14:59:52.475Z\n\ud83d\udccf Modified: 2025-04-03T20:18:31.242Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3539", "creation_timestamp": "2025-04-03T20:35:51.000000Z"} 2025-04-03T20:35:51+00:00 https://vulnerability.circl.lu/sighting/46305420-700f-4d96-9673-6b07f0f495b8/export 2026-05-09T08:50:06.433907+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "46305420-700f-4d96-9673-6b07f0f495b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3172", "type": "seen", "source": "https://t.me/cvedetector/22004", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-3172 - Project Worlds Online Lawyer Management System SQL Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-3172 \nPublished : April 3, 2025, 6:15 p.m. | 56\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in Project Worlds Online Lawyer Management System 1.0. This issue affects some unknown processing of the file /lawyer_booking.php. The manipulation of the argument unblock_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"03 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T21:55:38.000000Z"} 2025-04-03T21:55:38+00:00 https://vulnerability.circl.lu/sighting/afaad96a-5692-4765-a422-1ed5d877417a/export 2026-05-09T08:50:06.433752+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "afaad96a-5692-4765-a422-1ed5d877417a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31722", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/47038", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aUsed to demo CVE-2025-31722.\nURL\uff1ahttps://github.com/Nick6371/CVE-2025-31722\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-08-08T17:39:34.000000Z"} 2025-08-08T17:39:34+00:00 https://vulnerability.circl.lu/sighting/5ad17f65-c8da-4b91-86ae-d0dc731a78dd/export 2026-05-09T08:50:06.433547+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "5ad17f65-c8da-4b91-86ae-d0dc731a78dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31722", "type": "published-proof-of-concept", "source": "Telegram/WSyTh9exsH7CbCOBuABe9qTMUmqND3LIWJ2H6hWdSDkuNIQ", "content": "", "creation_timestamp": "2025-08-08T21:00:04.000000Z"} 2025-08-08T21:00:04+00:00 https://vulnerability.circl.lu/sighting/c6731c7e-dacc-412c-b990-81a2597f2599/export 2026-05-09T08:50:06.431471+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "c6731c7e-dacc-412c-b990-81a2597f2599", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31722", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lw5oyurxkz2f", "content": "", "creation_timestamp": "2025-08-11T21:02:27.682968Z"} 2025-08-11T21:02:27.682968+00:00