Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-07T15:30:00.164808+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/2cf655e9-4359-4538-9cc9-40c462e19fa6/export 2cf655e9-4359-4538-9cc9-40c462e19fa6 2026-06-07T15:30:00.318718+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "2cf655e9-4359-4538-9cc9-40c462e19fa6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43560", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp3pejcf6g2n", "content": "", "creation_timestamp": "2025-05-14T00:07:25.743922Z"} 2025-05-14T00:07:25.743922+00:00 https://vulnerability.circl.lu/sighting/ddffa4de-5717-4fcc-a7ae-40626cb57cce/export ddffa4de-5717-4fcc-a7ae-40626cb57cce 2026-06-07T15:30:00.318631+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "ddffa4de-5717-4fcc-a7ae-40626cb57cce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43561", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp3pejfykh24", "content": "", "creation_timestamp": "2025-05-14T00:07:26.398051Z"} 2025-05-14T00:07:26.398051+00:00 https://vulnerability.circl.lu/sighting/3b0a5900-894e-4244-ab7f-e0db122c78e2/export 3b0a5900-894e-4244-ab7f-e0db122c78e2 2026-06-07T15:30:00.318518+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "3b0a5900-894e-4244-ab7f-e0db122c78e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43569", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp3pejjcur2j", "content": "", "creation_timestamp": "2025-05-14T00:07:27.048929Z"} 2025-05-14T00:07:27.048929+00:00 https://vulnerability.circl.lu/sighting/7f32a766-d2d4-4d38-8f21-2f36488e876f/export 7f32a766-d2d4-4d38-8f21-2f36488e876f 2026-06-07T15:30:00.318406+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "7f32a766-d2d4-4d38-8f21-2f36488e876f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43567", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16379", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43567\n\ud83d\udd25 CVSS Score: 9.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N)\n\ud83d\udd39 Description: Adobe Connect versions 12.8 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high.\n\ud83d\udccf Published: 2025-05-13T20:32:22.317Z\n\ud83d\udccf Modified: 2025-05-14T19:11:04.358Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/connect/apsb25-36.html", "creation_timestamp": "2025-05-14T19:33:02.000000Z"} 2025-05-14T19:33:02+00:00 https://vulnerability.circl.lu/sighting/2ea5f69b-4044-45ec-9abd-f43178cb012c/export 2ea5f69b-4044-45ec-9abd-f43178cb012c 2026-06-07T15:30:00.318289+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "2ea5f69b-4044-45ec-9abd-f43178cb012c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43561", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16390", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43561\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass authentication mechanisms and execute code. Exploitation of this issue does not require user interaction and scope is changed.\n\ud83d\udccf Published: 2025-05-13T20:49:25.787Z\n\ud83d\udccf Modified: 2025-05-14T18:48:58.175Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html", "creation_timestamp": "2025-05-14T19:33:16.000000Z"} 2025-05-14T19:33:16+00:00 https://vulnerability.circl.lu/sighting/2417f937-2bad-4005-8aa7-493f05e2d7a9/export 2417f937-2bad-4005-8aa7-493f05e2d7a9 2026-06-07T15:30:00.318176+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "2417f937-2bad-4005-8aa7-493f05e2d7a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43562", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16444", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43562\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user interaction and scope is changed.\n\ud83d\udccf Published: 2025-05-13T20:49:29.876Z\n\ud83d\udccf Modified: 2025-05-15T04:01:50.509Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html", "creation_timestamp": "2025-05-15T04:32:39.000000Z"} 2025-05-15T04:32:39+00:00 https://vulnerability.circl.lu/sighting/ed35ba35-9b20-4503-b7bf-ac61ced6aba4/export ed35ba35-9b20-4503-b7bf-ac61ced6aba4 2026-06-07T15:30:00.318057+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "ed35ba35-9b20-4503-b7bf-ac61ced6aba4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43564", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16445", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43564\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. An attacker could leverage this vulnerability to access or modify sensitive data without proper authorization. Exploitation of this issue does not require user interaction.\n\ud83d\udccf Published: 2025-05-13T20:49:28.118Z\n\ud83d\udccf Modified: 2025-05-15T04:01:48.859Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html", "creation_timestamp": "2025-05-15T04:32:40.000000Z"} 2025-05-15T04:32:40+00:00 https://vulnerability.circl.lu/sighting/43ff4489-9a41-44fe-b685-a0191c30f744/export 43ff4489-9a41-44fe-b685-a0191c30f744 2026-06-07T15:30:00.317929+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "43ff4489-9a41-44fe-b685-a0191c30f744", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43560", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16446", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43560\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user interaction and scope is changed.\n\ud83d\udccf Published: 2025-05-13T20:49:27.360Z\n\ud83d\udccf Modified: 2025-05-15T04:01:47.430Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html", "creation_timestamp": "2025-05-15T04:32:41.000000Z"} 2025-05-15T04:32:41+00:00 https://vulnerability.circl.lu/sighting/81e510fa-eff6-4474-ae14-55c7505a2909/export 81e510fa-eff6-4474-ae14-55c7505a2909 2026-06-07T15:30:00.317764+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "81e510fa-eff6-4474-ae14-55c7505a2909", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43563", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16447", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43563\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. An attacker could leverage this vulnerability to access or modify sensitive data without proper authorization. Exploitation of this issue does not require user interaction.\n\ud83d\udccf Published: 2025-05-13T20:49:26.593Z\n\ud83d\udccf Modified: 2025-05-15T04:01:45.890Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html", "creation_timestamp": "2025-05-15T04:32:42.000000Z"} 2025-05-15T04:32:42+00:00 https://vulnerability.circl.lu/sighting/20d798ef-34bd-4098-a24d-e33673d4bd24/export 20d798ef-34bd-4098-a24d-e33673d4bd24 2026-06-07T15:30:00.315920+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "20d798ef-34bd-4098-a24d-e33673d4bd24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-43565", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16448", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43565\n\ud83d\udd25 CVSS Score: 8.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect Authorization vulnerability that could lead to arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass security protections and execute code. Exploitation of this issue requires user interaction and scope is changed.\n\ud83d\udccf Published: 2025-05-13T20:49:31.403Z\n\ud83d\udccf Modified: 2025-05-15T04:01:41.254Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html", "creation_timestamp": "2025-05-15T04:32:43.000000Z"} 2025-05-15T04:32:43+00:00