Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-01T20:43:11.720119+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/ea84957c-c98c-4fcb-9f0d-c11c38731809/export ea84957c-c98c-4fcb-9f0d-c11c38731809 2026-06-01T20:43:11.886530+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "ea84957c-c98c-4fcb-9f0d-c11c38731809", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32270", "type": "seen", "source": "https://t.me/cvedetector/22157", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-32270 - Broadstreet CSRF Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-32270 \nPublished : April 4, 2025, 4:15 p.m. | 1\u00a0hour, 44\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Broadstreet Broadstreet allows Cross Site Request Forgery. This issue affects Broadstreet: from n/a through 1.51.1. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T20:32:15.000000Z"} 2025-04-04T20:32:15+00:00 https://vulnerability.circl.lu/sighting/5f974a67-6db4-42e6-80ff-4850bc5c78f1/export 5f974a67-6db4-42e6-80ff-4850bc5c78f1 2026-06-01T20:43:11.886462+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "5f974a67-6db4-42e6-80ff-4850bc5c78f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32271", "type": "seen", "source": "https://t.me/cvedetector/22158", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-32271 - Ablancodev Woocommerce Role Pricing CSRF Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-32271 \nPublished : April 4, 2025, 4:15 p.m. | 1\u00a0hour, 44\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in ablancodev Woocommerce Role Pricing allows Cross Site Request Forgery. This issue affects Woocommerce Role Pricing: from n/a through 3.5.5. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T20:32:15.000000Z"} 2025-04-04T20:32:15+00:00 https://vulnerability.circl.lu/sighting/b0ff0413-b334-486e-93b7-df87f60c03ed/export b0ff0413-b334-486e-93b7-df87f60c03ed 2026-06-01T20:43:11.886394+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "b0ff0413-b334-486e-93b7-df87f60c03ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32272", "type": "seen", "source": "https://t.me/cvedetector/22159", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-32272 - PickPlugins Wishlist CSRF Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-32272 \nPublished : April 4, 2025, 4:15 p.m. | 1\u00a0hour, 44\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in PickPlugins Wishlist allows Cross Site Request Forgery. This issue affects Wishlist: from n/a through 1.0.44. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T20:32:16.000000Z"} 2025-04-04T20:32:16+00:00 https://vulnerability.circl.lu/sighting/1e767525-455a-45e7-a86d-02097a589be9/export 1e767525-455a-45e7-a86d-02097a589be9 2026-06-01T20:43:11.886325+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "1e767525-455a-45e7-a86d-02097a589be9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32274", "type": "seen", "source": "https://t.me/cvedetector/22160", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-32274 - w3all phpBB CSRF Attack\", \n \"Content\": \"CVE ID : CVE-2025-32274 \nPublished : April 4, 2025, 4:15 p.m. | 1\u00a0hour, 44\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in axew3 WP w3all phpBB allows Cross Site Request Forgery. This issue affects WP w3all phpBB: from n/a through 2.9.2. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T20:32:17.000000Z"} 2025-04-04T20:32:17+00:00 https://vulnerability.circl.lu/sighting/9cc7ca7d-8efa-49b6-aab7-06a51374affc/export 9cc7ca7d-8efa-49b6-aab7-06a51374affc 2026-06-01T20:43:11.886255+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "9cc7ca7d-8efa-49b6-aab7-06a51374affc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32273", "type": "seen", "source": "https://t.me/cvedetector/22162", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-32273 - Freetobook Responsive Widget CSRF Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-32273 \nPublished : April 4, 2025, 4:15 p.m. | 1\u00a0hour, 44\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in freetobook Freetobook Responsive Widget allows Cross Site Request Forgery. This issue affects Freetobook Responsive Widget: from n/a through 1.1. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T20:32:21.000000Z"} 2025-04-04T20:32:21+00:00 https://vulnerability.circl.lu/sighting/ce52237b-e9c1-4ce7-9f4b-70a00f031a96/export ce52237b-e9c1-4ce7-9f4b-70a00f031a96 2026-06-01T20:43:11.886182+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "ce52237b-e9c1-4ce7-9f4b-70a00f031a96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32279", "type": "seen", "source": "https://t.me/cvedetector/22474", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-32279 - Shahjada Live Forms Missing Authorization Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-32279 \nPublished : April 8, 2025, 5:15 p.m. | 17\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Shahjada Live Forms. This issue affects Live Forms: from n/a through 4.8.5. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T19:51:20.000000Z"} 2025-04-08T19:51:20+00:00 https://vulnerability.circl.lu/sighting/45b5f932-ca3f-4bc1-9cf4-66d61fa09461/export 45b5f932-ca3f-4bc1-9cf4-66d61fa09461 2026-06-01T20:43:11.886113+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "45b5f932-ca3f-4bc1-9cf4-66d61fa09461", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32275", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11200", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32275\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker allows Identity Spoofing. This issue affects Survey Maker: from n/a through 5.1.5.4.\n\ud83d\udccf Published: 2025-04-10T08:09:47.813Z\n\ud83d\udccf Modified: 2025-04-10T08:09:47.813Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/survey-maker/vulnerability/wordpress-survey-maker-plugin-5-1-5-0-bypass-vulnerability-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-10T08:48:42.000000Z"} 2025-04-10T08:48:42+00:00 https://vulnerability.circl.lu/sighting/e67fda90-5474-47f9-8816-7bad122cc9fe/export e67fda90-5474-47f9-8816-7bad122cc9fe 2026-06-01T20:43:11.886035+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "e67fda90-5474-47f9-8816-7bad122cc9fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32275", "type": "seen", "source": "https://t.me/cvedetector/22632", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-32275 - Ays Pro Survey Maker Authentication Bypass\", \n \"Content\": \"CVE ID : CVE-2025-32275 \nPublished : April 10, 2025, 8:15 a.m. | 48\u00a0minutes ago \nDescription : Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker allows Identity Spoofing. This issue affects Survey Maker: from n/a through 5.1.5.4. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"10 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T11:10:41.000000Z"} 2025-04-10T11:10:41+00:00 https://vulnerability.circl.lu/sighting/8132150a-572a-462a-ac2c-294503f3787e/export 8132150a-572a-462a-ac2c-294503f3787e 2026-06-01T20:43:11.885938+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "8132150a-572a-462a-ac2c-294503f3787e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32275", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmhfsnepfe2u", "content": "", "creation_timestamp": "2025-04-10T11:32:43.058475Z"} 2025-04-10T11:32:43.058475+00:00 https://vulnerability.circl.lu/sighting/0a457a12-563d-4f13-b448-f873e6d51c67/export 0a457a12-563d-4f13-b448-f873e6d51c67 2026-06-01T20:43:11.884282+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "0a457a12-563d-4f13-b448-f873e6d51c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3227", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18959", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3227\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to properly enforce channel member management permissions in playbook runs, allowing authenticated users without the 'Manage Channel Members' permission to add or remove users from public and private channels by manipulating playbook run participants when the run is linked to a channel.\n\ud83d\udccf Published: 2025-06-20T14:31:48.644Z\n\ud83d\udccf Modified: 2025-06-20T14:31:48.644Z\n\ud83d\udd17 References:\n1. https://mattermost.com/security-updates", "creation_timestamp": "2025-06-20T14:43:35.000000Z"} 2025-06-20T14:43:35+00:00