<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-01T18:34:35.166069+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/db04430a-cf97-4485-915f-84444ba2ab3f/export</id>
    <title>db04430a-cf97-4485-915f-84444ba2ab3f</title>
    <updated>2026-07-01T18:34:35.181630+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "db04430a-cf97-4485-915f-84444ba2ab3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-67038", "type": "seen", "source": "https://bsky.app/profile/geeknik.bsky.social/post/3mpjjhnwu7h2t", "content": "Patch-and-pray doesn't work in OT. Attackers reverse-engineered a Lantronix fix and exploited CVE-2025-67038 before the research even went public. Your patch is their roadmap.", "creation_timestamp": "2026-06-30T17:25:09.132081Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/db04430a-cf97-4485-915f-84444ba2ab3f/export"/>
    <published>2026-06-30T17:25:09.132081+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/efb41bf8-ecc0-44f8-b4d9-f6da9a5a6f03/export</id>
    <title>efb41bf8-ecc0-44f8-b4d9-f6da9a5a6f03</title>
    <updated>2026-07-01T18:34:35.183361+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "efb41bf8-ecc0-44f8-b4d9-f6da9a5a6f03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-67038", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mpisgrwxkd2i", "content": "\u26a0\ufe0f CISA issued a warning. Not an advisory. A warning.\n\nCVE-2025-67038.\n\nhttps://www.yazoul.net/malware/mirai-2026-06/reports/2026-06-28/\n\n#InfoSec #ThreatIntel", "creation_timestamp": "2026-06-30T10:33:05.313312Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/efb41bf8-ecc0-44f8-b4d9-f6da9a5a6f03/export"/>
    <published>2026-06-30T10:33:05.313312+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/854caed7-e304-4b01-ad57-f26c1ed08711/export</id>
    <title>854caed7-e304-4b01-ad57-f26c1ed08711</title>
    <updated>2026-07-01T18:34:35.183455+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "854caed7-e304-4b01-ad57-f26c1ed08711", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-67038", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mph3j5iy442j", "content": "Your OT devices just became CISA's problem. And yours.\n\nCVE-2025-67038.\n\nhttps://www.yazoul.net/malware/mirai-2026-06/reports/2026-06-28/\n\n#CVE #CyberSecurity", "creation_timestamp": "2026-06-29T18:10:38.352445Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/854caed7-e304-4b01-ad57-f26c1ed08711/export"/>
    <published>2026-06-29T18:10:38.352445+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/52c48fdf-ceea-457d-a034-297ad5211e17/export</id>
    <title>52c48fdf-ceea-457d-a034-297ad5211e17</title>
    <updated>2026-07-01T18:34:35.183533+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "52c48fdf-ceea-457d-a034-297ad5211e17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-67038", "type": "seen", "source": "https://bsky.app/profile/technoholic.bsky.social/post/3mpgskviyfd2q", "content": "CISA warns of active CVE-2025-67038 (CVSS 9.8) flaw in Lantronix EDS5000 Series. FCEB agencies must fix by June 26, 2026, to prevent possible code injection and harm.", "creation_timestamp": "2026-06-29T15:30:01.588662Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/52c48fdf-ceea-457d-a034-297ad5211e17/export"/>
    <published>2026-06-29T15:30:01.588662+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3f3551ce-f227-4053-ae0e-78e7eb467e92/export</id>
    <title>3f3551ce-f227-4053-ae0e-78e7eb467e92</title>
    <updated>2026-07-01T18:34:35.183607+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3f3551ce-f227-4053-ae0e-78e7eb467e92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-67038", "type": "seen", "source": "https://bsky.app/profile/etairos-ai.bsky.social/post/3mpdy4hggqf23", "content": "Unauth command injection = ROOT on Lantronix EDS5000 serial-to-IP boxes (the OT-to-network bridge). Actively exploited, now CISA KEV, thousands exposed. Get them off the internet: https://threat-intelligence.redeyesecurity.com/blog/lantronix-serial-to-ip-cve-2025-67038-ot-exploited-2026", "creation_timestamp": "2026-06-28T12:31:20.534454Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3f3551ce-f227-4053-ae0e-78e7eb467e92/export"/>
    <published>2026-06-28T12:31:20.534454+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/95f3209d-a787-447b-9a1f-41fe87ae0373/export</id>
    <title>95f3209d-a787-447b-9a1f-41fe87ae0373</title>
    <updated>2026-07-01T18:34:35.183676+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "95f3209d-a787-447b-9a1f-41fe87ae0373", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-67038", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mpdplau6el2h", "content": "Your industrial network gear is getting pwned in real-time.\n\nCVE-2025-67038.\n\nhttps://www.yazoul.net/news/article/cisa-warns-critical-lantronix-eds5000-flaw-is-being-actively-exploited/\n\n#CyberSecurity #Security", "creation_timestamp": "2026-06-28T09:58:33.128161Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/95f3209d-a787-447b-9a1f-41fe87ae0373/export"/>
    <published>2026-06-28T09:58:33.128161+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4ab40adb-1dfc-4406-b481-893d6d544619/export</id>
    <title>4ab40adb-1dfc-4406-b481-893d6d544619</title>
    <updated>2026-07-01T18:34:35.183742+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4ab40adb-1dfc-4406-b481-893d6d544619", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-67038", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mpb5j7jiya2i", "content": "CISA says this Lantronix flaw is being exploited right now. Your OT gear might be next.\n\nCVE-2025-67038.\n\nhttps://www.yazoul.net/news/article/cisa-warns-critical-lantronix-eds5000-flaw-is-being-actively-exploited/\n\n#InfoSec #DataBreach", "creation_timestamp": "2026-06-27T09:29:57.908573Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4ab40adb-1dfc-4406-b481-893d6d544619/export"/>
    <published>2026-06-27T09:29:57.908573+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b09ade8e-2161-47eb-9113-5f1de6ce406f/export</id>
    <title>b09ade8e-2161-47eb-9113-5f1de6ce406f</title>
    <updated>2026-07-01T18:34:35.183807+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b09ade8e-2161-47eb-9113-5f1de6ce406f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-67038", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mp6vha5xql2h", "content": "\ud83d\udce2 CVE-2025-67038 : ex\u00e9cution de commandes arbitraires dans les convertisseurs Lantronix EDS5000 ajout\u00e9e au KEV CISA\n\ud83d\udcdd #\u2026\nhttps://cyberveille.ch/posts/2026-06-26-cve-2025-67038-execution-de-commandes-arbitraires-dans-les-convertisseurs-lantronix-eds5000-ajoutee-au-kev-cisa/ #Berserk_Bear #Cyberveille", "creation_timestamp": "2026-06-26T12:00:22.125100Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b09ade8e-2161-47eb-9113-5f1de6ce406f/export"/>
    <published>2026-06-26T12:00:22.125100+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/20044d6c-db08-4bc8-b152-f4f97de0c501/export</id>
    <title>20044d6c-db08-4bc8-b152-f4f97de0c501</title>
    <updated>2026-07-01T18:34:35.183875+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "20044d6c-db08-4bc8-b152-f4f97de0c501", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-67038", "type": "seen", "source": "https://bsky.app/profile/yazoul-alerts.bsky.social/post/3mp6q3zd5oa2k", "content": "CISA just added CVE-2025-67038 to its known exploited list.\n\nLantronix EDS5000 Series.\n\nhttps://www.yazoul.net/news/article/cisa-warns-critical-lantronix-eds5000-flaw-is-being-actively-exploited/\n\n#CyberSecurity #PatchNow", "creation_timestamp": "2026-06-26T10:24:37.442876Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/20044d6c-db08-4bc8-b152-f4f97de0c501/export"/>
    <published>2026-06-26T10:24:37.442876+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3996b192-2c06-43d3-9552-6954ed254b7a/export</id>
    <title>3996b192-2c06-43d3-9552-6954ed254b7a</title>
    <updated>2026-07-01T18:34:35.183939+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3996b192-2c06-43d3-9552-6954ed254b7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-67038", "type": "seen", "source": "https://threatintel.cc/2026/06/25/cisa-warns-of-maxseverity-ubiquiti.html", "content": "Source URL: www.bleepingcomputer.com/news/secu&amp;hellip;\u2028CISA added actively exploited vulnerabilities affecting Ubiquiti UniFi OS and Lantronix EDS5000 serial-to-Ethernet servers to its Known Exploited Vulnerabilities catalogue and, under BOD 26-04, directed U.S. federal agencies to apply available updates or vendor-recommended mitigations within three days. The Ubiquiti flaws include an access-control bypass, directory/path traversal and improper input validation that could enable command execution, with researchers showing the issues can be chained for full remote code execution on vulnerable UniFi OS devices. The Lantronix issue, CVE-2025-67038, is a critical root-level command-injection flaw in the HTTP RPC module, making urgent patching, exposure review and compensating controls appropriate for organizations running these products.", "creation_timestamp": "2026-06-26T01:00:42.237651Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3996b192-2c06-43d3-9552-6954ed254b7a/export"/>
    <published>2026-06-26T01:00:42.237651+00:00</published>
  </entry>
</feed>
