Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-23T22:29:59.390607+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/726772ef-4a2b-45c9-a681-2d1dcca99088/export 726772ef-4a2b-45c9-a681-2d1dcca99088 2026-06-23T22:29:59.411444+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "726772ef-4a2b-45c9-a681-2d1dcca99088", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-20)", "content": "", "creation_timestamp": "2026-03-20T00:00:00.000000Z"} 2026-03-20T00:00:00+00:00 https://vulnerability.circl.lu/sighting/a70f0cfb-d52f-4e49-b490-3173e71d9cbb/export a70f0cfb-d52f-4e49-b490-3173e71d9cbb 2026-06-23T22:29:59.411368+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "a70f0cfb-d52f-4e49-b490-3173e71d9cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "seen", "source": "https://bsky.app/profile/hackmag.com/post/3mhkaqgak6e2o", "content": "", "creation_timestamp": "2026-03-21T05:00:07.243564Z"} 2026-03-21T05:00:07.243564+00:00 https://vulnerability.circl.lu/sighting/2b26654c-923c-435f-8300-045191803031/export 2b26654c-923c-435f-8300-045191803031 2026-06-23T22:29:59.411301+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "2b26654c-923c-435f-8300-045191803031", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-26)", "content": "", "creation_timestamp": "2026-03-26T00:00:00.000000Z"} 2026-03-26T00:00:00+00:00 https://vulnerability.circl.lu/sighting/a17dabec-a4a7-4283-9898-879d667f0115/export a17dabec-a4a7-4283-9898-879d667f0115 2026-06-23T22:29:59.411232+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "a17dabec-a4a7-4283-9898-879d667f0115", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3mj3eardusz2w", "content": "", "creation_timestamp": "2026-04-09T17:43:22.449569Z"} 2026-04-09T17:43:22.449569+00:00 https://vulnerability.circl.lu/sighting/205f6560-cf11-4af9-9f15-e696dd2208d3/export 205f6560-cf11-4af9-9f15-e696dd2208d3 2026-06-23T22:29:59.411163+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "205f6560-cf11-4af9-9f15-e696dd2208d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "seen", "source": "Telegram/6_gD9pQtVCg_eRlU_-Eqvw6JM83wq5C4Rc0rf2uF-yzttPU", "content": "", "creation_timestamp": "2026-05-13T09:00:04.000000Z"} 2026-05-13T09:00:04+00:00 https://vulnerability.circl.lu/sighting/920c4010-02a6-4db4-ae9f-7f4b1644a008/export 920c4010-02a6-4db4-ae9f-7f4b1644a008 2026-06-23T22:29:59.411084+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "920c4010-02a6-4db4-ae9f-7f4b1644a008", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-54236", "type": "seen", "source": "https://bsky.app/profile/konvis.bsky.social/post/3mmetej5rtafs", "content": "Session Reaper Bug \u2013 kritischer Bug in Magento Onlineshop (CVE-2025-54236)\n\nEben kam die Info bei uns an, dass es leider wieder einen kritischen Magento Sicherheitsbug gibt. Es...\n\nhttps://www.konvis.de/neuigkeiten/magento/sessionreaper-bug-kritischer-bug-in-magento-onlineshop-cve-2025-54236/", "creation_timestamp": "2026-05-21T16:23:27.678312Z"} 2026-05-21T16:23:27.678312+00:00 https://vulnerability.circl.lu/sighting/2cb6cfa4-1000-4f67-ac1a-f2ce1af85faa/export 2cb6cfa4-1000-4f67-ac1a-f2ce1af85faa 2026-06-23T22:29:59.411009+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "2cb6cfa4-1000-4f67-ac1a-f2ce1af85faa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "seen", "source": "Telegram/Ob2oA_mupoVDMqE6Q_QCizAK8aYtg6z11DPx_SkAfocJmb0", "content": "", "creation_timestamp": "2026-05-24T21:00:04.000000Z"} 2026-05-24T21:00:04+00:00 https://vulnerability.circl.lu/sighting/47105baa-19bd-4344-bfbf-b2f6a0c35849/export 47105baa-19bd-4344-bfbf-b2f6a0c35849 2026-06-23T22:29:59.410918+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "47105baa-19bd-4344-bfbf-b2f6a0c35849", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "published-proof-of-concept", "source": "https://t.me/captainsmok3r_official/349", "content": "many people ask me:\nWhat is this vulnerability where attackers upload .txt files (like cox.txt) to websites with these paths? like:\nhttps://www.elgrantlapalero.com/media/customer_address/c/o/cox.txt\nhttps://tulip.store.oysterskin.ai/media/customer_address/a/z/azraelzeroday.txt\nhttps://zone-h.org/mirror/id/42506300\nAnswer: \nThese are two popular unauthenticated file upload vulnerabilities in Magento 2 / Adobe Commerce.\n1. SessionReaper (CVE-2025-54236) Uses the path: /media/customer_address/c/o/cox.txt Comes from the customer address file upload feature (/customer/address_file/upload).\n2. PolyShell (newer vulnerability) \nUses the path: /media/custom_options/quote/.../*.txt Exploited through the REST API when adding items to the cart with custom file options.\npoc:\nhttps://github.com/Baba01hacker666/cve-2025-54236", "creation_timestamp": "2026-06-04T14:09:50.000000Z"} 2026-06-04T14:09:50+00:00 https://vulnerability.circl.lu/sighting/324db1a8-5fe0-4f33-bdc3-a9f325f1b50f/export 324db1a8-5fe0-4f33-bdc3-a9f325f1b50f 2026-06-23T22:29:59.410819+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "324db1a8-5fe0-4f33-bdc3-a9f325f1b50f", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7e217d80-c444-43cf-a298-ce880d13b485", "content": "", "creation_timestamp": "2026-06-19T12:45:23.154464Z"} 2026-06-19T12:45:23.154464+00:00 https://vulnerability.circl.lu/sighting/cc325ce1-c233-47e2-a9c6-01aced0e70b5/export cc325ce1-c233-47e2-a9c6-01aced0e70b5 2026-06-23T22:29:59.408251+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "cc325ce1-c233-47e2-a9c6-01aced0e70b5", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/529db509-c992-45cb-9674-cf0ea04079f4", "content": "", "creation_timestamp": "2026-06-23T14:03:48.572839Z"} 2026-06-23T14:03:48.572839+00:00