<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-04T05:03:15.221232+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2bb8ac00-6d6c-44c7-8e30-629d2d1a75c0/export</id>
    <title>2bb8ac00-6d6c-44c7-8e30-629d2d1a75c0</title>
    <updated>2026-07-04T05:03:15.245037+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2bb8ac00-6d6c-44c7-8e30-629d2d1a75c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2388", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-21T03:19:31.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2bb8ac00-6d6c-44c7-8e30-629d2d1a75c0/export"/>
    <published>2025-08-21T03:19:31+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/54895811-da47-489c-b71c-963a322c98e8/export</id>
    <title>54895811-da47-489c-b71c-963a322c98e8</title>
    <updated>2026-07-04T05:03:15.247418+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "54895811-da47-489c-b71c-963a322c98e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2388", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-12T13:33:28.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/54895811-da47-489c-b71c-963a322c98e8/export"/>
    <published>2025-08-12T13:33:28+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2f64023f-a4ba-4f2a-a2fc-9027a08debf1/export</id>
    <title>2f64023f-a4ba-4f2a-a2fc-9027a08debf1</title>
    <updated>2026-07-04T05:03:15.247566+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2f64023f-a4ba-4f2a-a2fc-9027a08debf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2388", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkm5q7c45m26", "content": "", "creation_timestamp": "2025-03-17T22:01:02.228222Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2f64023f-a4ba-4f2a-a2fc-9027a08debf1/export"/>
    <published>2025-03-17T22:01:02.228222+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/324c11fb-f022-4d55-9aac-6113973b9637/export</id>
    <title>324c11fb-f022-4d55-9aac-6113973b9637</title>
    <updated>2026-07-04T05:03:15.247670+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "324c11fb-f022-4d55-9aac-6113973b9637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2388", "type": "seen", "source": "https://t.me/cvedetector/20510", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2388 - Keytop Parking System API Improper Authentication Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2388 \nPublished : March 17, 2025, 6:15 p.m. | 1\u00a0hour, 49\u00a0minutes ago \nDescription : A vulnerability was found in Keytop \u8def\u5185\u505c\u8f66\u6536\u8d39\u7cfb\u7edf 2.7.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /saas/commonApi/park/getParks of the component API. The manipulation leads to improper authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T21:39:40.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/324c11fb-f022-4d55-9aac-6113973b9637/export"/>
    <published>2025-03-17T21:39:40+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/72b9569f-e02d-4885-adb3-b9a9282d7c2e/export</id>
    <title>72b9569f-e02d-4885-adb3-b9a9282d7c2e</title>
    <updated>2026-07-04T05:03:15.247794+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "72b9569f-e02d-4885-adb3-b9a9282d7c2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2388", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7829", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2388\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in Keytop \u8def\u5185\u505c\u8f66\u6536\u8d39\u7cfb\u7edf 2.7.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /saas/commonApi/park/getParks of the component API. The manipulation leads to improper authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-17T18:00:05.264Z\n\ud83d\udccf Modified: 2025-03-17T18:34:14.455Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299887\n2. https://vuldb.com/?ctiid.299887\n3. https://vuldb.com/?submit.516710\n4. https://github.com/K-mxredo/MXdocument/wiki", "creation_timestamp": "2025-03-17T19:34:24.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/72b9569f-e02d-4885-adb3-b9a9282d7c2e/export"/>
    <published>2025-03-17T19:34:24+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/048e064d-7f4b-4746-b6a2-adbaa9ae8e03/export</id>
    <title>048e064d-7f4b-4746-b6a2-adbaa9ae8e03</title>
    <updated>2026-07-04T05:03:15.247898+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "048e064d-7f4b-4746-b6a2-adbaa9ae8e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2388", "type": "seen", "source": "Telegram/r8ru_SAfyv0cYfCWQL2RY3M8WbLJE6isd6j6oFDTTV3tTy4", "content": "", "creation_timestamp": "2025-03-17T19:32:25.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/048e064d-7f4b-4746-b6a2-adbaa9ae8e03/export"/>
    <published>2025-03-17T19:32:25+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/13aee9c1-f1dd-46fd-b422-2096bcc9b4c2/export</id>
    <title>13aee9c1-f1dd-46fd-b422-2096bcc9b4c2</title>
    <updated>2026-07-04T05:03:15.247996+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "13aee9c1-f1dd-46fd-b422-2096bcc9b4c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23889", "type": "seen", "source": "https://t.me/cvedetector/16263", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23889 - Apache FooGallery Captions Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-23889 \nPublished : Jan. 24, 2025, 11:15 a.m. | 28\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound FooGallery Captions allows Reflected XSS. This issue affects FooGallery Captions: from n/a through 1.0.2. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-24T12:43:54.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/13aee9c1-f1dd-46fd-b422-2096bcc9b4c2/export"/>
    <published>2025-01-24T12:43:54+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/cb06d70c-91fc-46cf-b9e2-870fab771300/export</id>
    <title>cb06d70c-91fc-46cf-b9e2-870fab771300</title>
    <updated>2026-07-04T05:03:15.248099+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "cb06d70c-91fc-46cf-b9e2-870fab771300", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23888", "type": "seen", "source": "https://t.me/cvedetector/16262", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23888 - Acunetix NotFound Custom Page Extensions Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23888 \nPublished : Jan. 24, 2025, 11:15 a.m. | 28\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Custom Page Extensions allows Reflected XSS. This issue affects Custom Page Extensions: from n/a through 0.6. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-24T12:43:53.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/cb06d70c-91fc-46cf-b9e2-870fab771300/export"/>
    <published>2025-01-24T12:43:53+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f87ae977-41b3-466f-b18f-3981db1d9f21/export</id>
    <title>f87ae977-41b3-466f-b18f-3981db1d9f21</title>
    <updated>2026-07-04T05:03:15.248206+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f87ae977-41b3-466f-b18f-3981db1d9f21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23885", "type": "seen", "source": "https://t.me/cvedetector/16261", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23885 - \"NotFound MJ Contact us Cross-site Scripting (XSS)\"\", \n  \"Content\": \"CVE ID : CVE-2025-23885 \nPublished : Jan. 24, 2025, 11:15 a.m. | 28\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound MJ Contact us allows Reflected XSS. This issue affects MJ Contact us: from n/a through 5.2.3. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-24T12:43:50.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f87ae977-41b3-466f-b18f-3981db1d9f21/export"/>
    <published>2025-01-24T12:43:50+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/55e7322c-f61d-4fc7-837a-44ad0b99dfca/export</id>
    <title>55e7322c-f61d-4fc7-837a-44ad0b99dfca</title>
    <updated>2026-07-04T05:03:15.248306+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "55e7322c-f61d-4fc7-837a-44ad0b99dfca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23889", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113883142080051584", "content": "", "creation_timestamp": "2025-01-24T11:40:43.379211Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/55e7322c-f61d-4fc7-837a-44ad0b99dfca/export"/>
    <published>2025-01-24T11:40:43.379211+00:00</published>
  </entry>
</feed>
