Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sat, 20 Jun 2026 09:25:14 +0000 7d0697f1-8079-4f19-96af-454b2b31465d https://vulnerability.circl.lu/sighting/7d0697f1-8079-4f19-96af-454b2b31465d/export {"uuid": "7d0697f1-8079-4f19-96af-454b2b31465d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2397", "type": "seen", "source": "https://t.me/cvedetector/20522", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2397 - China Mobile Telnet Service Local Privilege Escalation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2397 \nPublished : March 17, 2025, 9:15 p.m. | 50\u00a0minutes ago \nDescription : A vulnerability was found in China Mobile P22g-CIac, ZXWT-MIG-P4G4V, ZXWT-MIG-P8G8V, GT3200-4G4P and GT3200-8G8P up to 20250305. It has been declared as problematic. This vulnerability affects unknown code of the component Telnet Service. The manipulation leads to improper authorization. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 2.4 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T23:19:59.000000Z"} {"uuid": "7d0697f1-8079-4f19-96af-454b2b31465d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2397", "type": "seen", "source": "https://t.me/cvedetector/20522", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2397 - China Mobile Telnet Service Local Privilege Escalation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2397 \nPublished : March 17, 2025, 9:15 p.m. | 50\u00a0minutes ago \nDescription : A vulnerability was found in China Mobile P22g-CIac, ZXWT-MIG-P4G4V, ZXWT-MIG-P8G8V, GT3200-4G4P and GT3200-8G8P up to 20250305. It has been declared as problematic. This vulnerability affects unknown code of the component Telnet Service. The manipulation leads to improper authorization. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 2.4 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T23:19:59.000000Z"} https://vulnerability.circl.lu/sighting/7d0697f1-8079-4f19-96af-454b2b31465d/export Mon, 17 Mar 2025 23:19:59 +0000 e5ea8383-6e1e-456f-855f-9044e674b309 https://vulnerability.circl.lu/sighting/e5ea8383-6e1e-456f-855f-9044e674b309/export {"uuid": "e5ea8383-6e1e-456f-855f-9044e674b309", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2397", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkmegzgk5a2j", "content": "", "creation_timestamp": "2025-03-18T00:01:14.278536Z"} {"uuid": "e5ea8383-6e1e-456f-855f-9044e674b309", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2397", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkmegzgk5a2j", "content": "", "creation_timestamp": "2025-03-18T00:01:14.278536Z"} https://vulnerability.circl.lu/sighting/e5ea8383-6e1e-456f-855f-9044e674b309/export Tue, 18 Mar 2025 00:01:14 +0000 bfc7bf1b-903a-4332-8228-2fefb0c69711 https://vulnerability.circl.lu/sighting/bfc7bf1b-903a-4332-8228-2fefb0c69711/export {"uuid": "bfc7bf1b-903a-4332-8228-2fefb0c69711", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23979", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16877", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23979\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in duwasai Flashy allows Reflected XSS.This issue affects Flashy: from n/a through 1.2.1.\n\ud83d\udccf Published: 2025-05-19T16:01:21.666Z\n\ud83d\udccf Modified: 2025-05-19T16:01:21.666Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/flashy/vulnerability/wordpress-flashy-theme-1-2-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-19T16:39:08.000000Z"} {"uuid": "bfc7bf1b-903a-4332-8228-2fefb0c69711", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23979", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16877", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23979\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in duwasai Flashy allows Reflected XSS.This issue affects Flashy: from n/a through 1.2.1.\n\ud83d\udccf Published: 2025-05-19T16:01:21.666Z\n\ud83d\udccf Modified: 2025-05-19T16:01:21.666Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/flashy/vulnerability/wordpress-flashy-theme-1-2-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-19T16:39:08.000000Z"} https://vulnerability.circl.lu/sighting/bfc7bf1b-903a-4332-8228-2fefb0c69711/export Mon, 19 May 2025 16:39:08 +0000 31cdf3d7-e953-4f2e-925b-98baed8a387f https://vulnerability.circl.lu/sighting/31cdf3d7-e953-4f2e-925b-98baed8a387f/export {"uuid": "31cdf3d7-e953-4f2e-925b-98baed8a387f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23979", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpk2zau5xf2j", "content": "", "creation_timestamp": "2025-05-19T17:13:03.605069Z"} {"uuid": "31cdf3d7-e953-4f2e-925b-98baed8a387f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23979", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpk2zau5xf2j", "content": "", "creation_timestamp": "2025-05-19T17:13:03.605069Z"} https://vulnerability.circl.lu/sighting/31cdf3d7-e953-4f2e-925b-98baed8a387f/export Mon, 19 May 2025 17:13:03 +0000 6050b703-9993-4391-a0e1-1f0f9fb80a9e https://vulnerability.circl.lu/sighting/6050b703-9993-4391-a0e1-1f0f9fb80a9e/export {"uuid": "6050b703-9993-4391-a0e1-1f0f9fb80a9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23974", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17718", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23974\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Incorrect Privilege Assignment vulnerability in ifkooo One-Login allows Privilege Escalation. This issue affects One-Login: from n/a through 1.4.\n\ud83d\udccf Published: 2025-06-09T15:56:57.317Z\n\ud83d\udccf Modified: 2025-06-09T15:56:57.317Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/one-login/vulnerability/wordpress-one-login-1-4-privilege-escalation-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-09T16:56:26.000000Z"} {"uuid": "6050b703-9993-4391-a0e1-1f0f9fb80a9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23974", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17718", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23974\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Incorrect Privilege Assignment vulnerability in ifkooo One-Login allows Privilege Escalation. This issue affects One-Login: from n/a through 1.4.\n\ud83d\udccf Published: 2025-06-09T15:56:57.317Z\n\ud83d\udccf Modified: 2025-06-09T15:56:57.317Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/one-login/vulnerability/wordpress-one-login-1-4-privilege-escalation-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-09T16:56:26.000000Z"} https://vulnerability.circl.lu/sighting/6050b703-9993-4391-a0e1-1f0f9fb80a9e/export Mon, 09 Jun 2025 16:56:26 +0000 ad3ab2a1-72a4-4c10-9657-86658120fba5 https://vulnerability.circl.lu/sighting/ad3ab2a1-72a4-4c10-9657-86658120fba5/export {"uuid": "ad3ab2a1-72a4-4c10-9657-86658120fba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23973", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19702", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23973\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dugudlabs SpecFit-Virtual Try On Woocommerce allows Stored XSS. This issue affects SpecFit-Virtual Try On Woocommerce: from n/a through 7.0.6.\n\ud83d\udccf Published: 2025-06-27T11:52:11.272Z\n\ud83d\udccf Modified: 2025-06-27T13:43:16.994Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/try-on-for-woocommerce/vulnerability/wordpress-specfit-virtual-try-on-woocommerce-7-0-5-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-27T13:50:34.000000Z"} {"uuid": "ad3ab2a1-72a4-4c10-9657-86658120fba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23973", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19702", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23973\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dugudlabs SpecFit-Virtual Try On Woocommerce allows Stored XSS. This issue affects SpecFit-Virtual Try On Woocommerce: from n/a through 7.0.6.\n\ud83d\udccf Published: 2025-06-27T11:52:11.272Z\n\ud83d\udccf Modified: 2025-06-27T13:43:16.994Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/try-on-for-woocommerce/vulnerability/wordpress-specfit-virtual-try-on-woocommerce-7-0-5-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-27T13:50:34.000000Z"} https://vulnerability.circl.lu/sighting/ad3ab2a1-72a4-4c10-9657-86658120fba5/export Fri, 27 Jun 2025 13:50:34 +0000 2a1de48e-4549-4d42-8bcc-5b7123dabd22 https://vulnerability.circl.lu/sighting/2a1de48e-4549-4d42-8bcc-5b7123dabd22/export {"uuid": "2a1de48e-4549-4d42-8bcc-5b7123dabd22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23975", "type": "seen", "source": "MISP/71f05cce-2beb-4b80-8496-bbbabc032544", "content": "", "creation_timestamp": "2025-08-25T18:31:43.000000Z"} {"uuid": "2a1de48e-4549-4d42-8bcc-5b7123dabd22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23975", "type": "seen", "source": "MISP/71f05cce-2beb-4b80-8496-bbbabc032544", "content": "", "creation_timestamp": "2025-08-25T18:31:43.000000Z"} https://vulnerability.circl.lu/sighting/2a1de48e-4549-4d42-8bcc-5b7123dabd22/export Mon, 25 Aug 2025 18:31:43 +0000 16a99ac4-9012-4077-b5f5-981d100634fa https://vulnerability.circl.lu/sighting/16a99ac4-9012-4077-b5f5-981d100634fa/export {"uuid": "16a99ac4-9012-4077-b5f5-981d100634fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23970", "type": "published-proof-of-concept", "source": "Telegram/7Ka92ZktN6KhnkFfP_8rgWwSyfUtl8VaXBMYWOC8bY9QwTk", "content": "", "creation_timestamp": "2026-04-04T03:00:05.000000Z"} {"uuid": "16a99ac4-9012-4077-b5f5-981d100634fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23970", "type": "published-proof-of-concept", "source": "Telegram/7Ka92ZktN6KhnkFfP_8rgWwSyfUtl8VaXBMYWOC8bY9QwTk", "content": "", "creation_timestamp": "2026-04-04T03:00:05.000000Z"} https://vulnerability.circl.lu/sighting/16a99ac4-9012-4077-b5f5-981d100634fa/export Sat, 04 Apr 2026 03:00:05 +0000 23fb3853-035c-4565-a006-6559e329e04e https://vulnerability.circl.lu/sighting/23fb3853-035c-4565-a006-6559e329e04e/export {"uuid": "23fb3853-035c-4565-a006-6559e329e04e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23970", "type": "published-proof-of-concept", "source": "Telegram/pojO2mXcOuLUz1SLRhtJDDTDN8cBkdjJEYQ_ZSRfL-908A", "content": "", "creation_timestamp": "2026-04-04T08:05:46.000000Z"} {"uuid": "23fb3853-035c-4565-a006-6559e329e04e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23970", "type": "published-proof-of-concept", "source": "Telegram/pojO2mXcOuLUz1SLRhtJDDTDN8cBkdjJEYQ_ZSRfL-908A", "content": "", "creation_timestamp": "2026-04-04T08:05:46.000000Z"} https://vulnerability.circl.lu/sighting/23fb3853-035c-4565-a006-6559e329e04e/export Sat, 04 Apr 2026 08:05:46 +0000 043b312c-576e-4a6d-8bf8-1a2e16f12d4c https://vulnerability.circl.lu/sighting/043b312c-576e-4a6d-8bf8-1a2e16f12d4c/export {"uuid": "043b312c-576e-4a6d-8bf8-1a2e16f12d4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23970", "type": "published-proof-of-concept", "source": "Telegram/fPCSsMYO6DdVjSl5rWAMQbqLxiiFvKVYv7gpWkaZNxUI7A", "content": "", "creation_timestamp": "2026-04-17T10:52:40.000000Z"} {"uuid": "043b312c-576e-4a6d-8bf8-1a2e16f12d4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23970", "type": "published-proof-of-concept", "source": "Telegram/fPCSsMYO6DdVjSl5rWAMQbqLxiiFvKVYv7gpWkaZNxUI7A", "content": "", "creation_timestamp": "2026-04-17T10:52:40.000000Z"} https://vulnerability.circl.lu/sighting/043b312c-576e-4a6d-8bf8-1a2e16f12d4c/export Fri, 17 Apr 2026 10:52:40 +0000