https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 31 May 2026 03:50:54 +0000 https://vulnerability.circl.lu/sighting/d0118b81-9f86-4bc8-8cc9-317d988d6c17/export {"uuid": "d0118b81-9f86-4bc8-8cc9-317d988d6c17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lkt4jwpsi22b", "content": "", "creation_timestamp": "2025-03-20T16:28:14.440343Z"} {"uuid": "d0118b81-9f86-4bc8-8cc9-317d988d6c17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lkt4jwpsi22b", "content": "", "creation_timestamp": "2025-03-20T16:28:14.440343Z"} https://vulnerability.circl.lu/sighting/d0118b81-9f86-4bc8-8cc9-317d988d6c17/export Thu, 20 Mar 2025 16:28:14 +0000 https://vulnerability.circl.lu/sighting/576a9bf3-2ec6-4473-96e3-963f9bd5e780/export {"uuid": "576a9bf3-2ec6-4473-96e3-963f9bd5e780", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2480", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8239", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2480\n\ud83d\udd25 CVSS Score: 8.4 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Santesoft Sante DICOM Viewer Pro is vulnerable to an out-of-bounds write, which requires a user to open a malicious DCM file, resulting in execution of arbitrary code by a local attacker.\n\ud83d\udccf Published: 2025-03-20T16:49:07.713Z\n\ud83d\udccf Modified: 2025-03-20T16:49:07.713Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-079-01\n2. https://santesoft.com/win/sante-dicom-viewer-pro/download.html", "creation_timestamp": "2025-03-20T17:18:48.000000Z"} {"uuid": "576a9bf3-2ec6-4473-96e3-963f9bd5e780", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2480", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8239", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2480\n\ud83d\udd25 CVSS Score: 8.4 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Santesoft Sante DICOM Viewer Pro is vulnerable to an out-of-bounds write, which requires a user to open a malicious DCM file, resulting in execution of arbitrary code by a local attacker.\n\ud83d\udccf Published: 2025-03-20T16:49:07.713Z\n\ud83d\udccf Modified: 2025-03-20T16:49:07.713Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-079-01\n2. https://santesoft.com/win/sante-dicom-viewer-pro/download.html", "creation_timestamp": "2025-03-20T17:18:48.000000Z"} https://vulnerability.circl.lu/sighting/576a9bf3-2ec6-4473-96e3-963f9bd5e780/export Thu, 20 Mar 2025 17:18:48 +0000 https://vulnerability.circl.lu/sighting/2b1ef5dd-7c40-4298-b648-3e479b026c44/export {"uuid": "2b1ef5dd-7c40-4298-b648-3e479b026c44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2480", "type": "seen", "source": "Telegram/8l2RSQlViSUyF2KsQhAoP-bQskZZ5Tff2UjLP0sTHZ0abL4", "content": "", "creation_timestamp": "2025-03-20T19:00:27.000000Z"} {"uuid": "2b1ef5dd-7c40-4298-b648-3e479b026c44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2480", "type": "seen", "source": "Telegram/8l2RSQlViSUyF2KsQhAoP-bQskZZ5Tff2UjLP0sTHZ0abL4", "content": "", "creation_timestamp": "2025-03-20T19:00:27.000000Z"} https://vulnerability.circl.lu/sighting/2b1ef5dd-7c40-4298-b648-3e479b026c44/export Thu, 20 Mar 2025 19:00:27 +0000 https://vulnerability.circl.lu/sighting/fcee542f-5ff6-4213-bd02-bdb4d869d053/export {"uuid": "fcee542f-5ff6-4213-bd02-bdb4d869d053", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2480", "type": "seen", "source": "https://t.me/cvedetector/20750", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2480 - Santesoft Sante DICOM Viewer Pro Out-of-Bounds Write Arbitrary Code Execution\", \n \"Content\": \"CVE ID : CVE-2025-2480 \nPublished : March 20, 2025, 5:15 p.m. | 55\u00a0minutes ago \nDescription : Santesoft Sante DICOM Viewer Pro is vulnerable to an out-of-bounds write, which requires a user to open a malicious DCM file, resulting in execution of arbitrary code by a local attacker. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"20 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-20T19:54:34.000000Z"} {"uuid": "fcee542f-5ff6-4213-bd02-bdb4d869d053", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2480", "type": "seen", "source": "https://t.me/cvedetector/20750", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2480 - Santesoft Sante DICOM Viewer Pro Out-of-Bounds Write Arbitrary Code Execution\", \n \"Content\": \"CVE ID : CVE-2025-2480 \nPublished : March 20, 2025, 5:15 p.m. | 55\u00a0minutes ago \nDescription : Santesoft Sante DICOM Viewer Pro is vulnerable to an out-of-bounds write, which requires a user to open a malicious DCM file, resulting in execution of arbitrary code by a local attacker. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"20 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-20T19:54:34.000000Z"} https://vulnerability.circl.lu/sighting/fcee542f-5ff6-4213-bd02-bdb4d869d053/export Thu, 20 Mar 2025 19:54:34 +0000 https://vulnerability.circl.lu/sighting/61fedd65-bbb7-421a-9bbd-a04818fc1e2f/export {"uuid": "61fedd65-bbb7-421a-9bbd-a04818fc1e2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11966", "content": "#exploit\n1. CVE-2025-1974, CVE-2025-24514:\nIngress(Nightmare) NGINX RCE\nhttps://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities\n\n2. CVE-2025-24799, CVE-2025-24801:\nPre-auth SQLi to RCE in GLPI\nhttps://blog.lexfo.fr/glpi-sql-to-rce.html\n\n3. CVE-2025-29927:\nAuthorization Bypass in Next.js Middleware\nhttps://github.com/arvion-agent/next-CVE-2025-29927\n]-> Bypass Checker:\nhttps://github.com/RoyCampos/CVE-2025-29927", "creation_timestamp": "2025-03-26T00:36:58.000000Z"} {"uuid": "61fedd65-bbb7-421a-9bbd-a04818fc1e2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11966", "content": "#exploit\n1. CVE-2025-1974, CVE-2025-24514:\nIngress(Nightmare) NGINX RCE\nhttps://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities\n\n2. CVE-2025-24799, CVE-2025-24801:\nPre-auth SQLi to RCE in GLPI\nhttps://blog.lexfo.fr/glpi-sql-to-rce.html\n\n3. CVE-2025-29927:\nAuthorization Bypass in Next.js Middleware\nhttps://github.com/arvion-agent/next-CVE-2025-29927\n]-> Bypass Checker:\nhttps://github.com/RoyCampos/CVE-2025-29927", "creation_timestamp": "2025-03-26T00:36:58.000000Z"} https://vulnerability.circl.lu/sighting/61fedd65-bbb7-421a-9bbd-a04818fc1e2f/export Wed, 26 Mar 2025 00:36:58 +0000 https://vulnerability.circl.lu/sighting/d4a7ea4d-257a-4872-b3ae-bd0cf66c1f31/export {"uuid": "d4a7ea4d-257a-4872-b3ae-bd0cf66c1f31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24808", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8845", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24808\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Discourse is an open-source discussion platform. Prior to versions `3.3.4` on the `stable` branch and `3.4.0.beta5` on the `beta` branch, someone who is about to reach the limit of users in a group DM may send requests to add new users in parallel. The requests might all go through ignoring the limit due to a race condition. The patch in versions `3.3.4` and `3.4.0.beta5` uses the `lock` step in service to wrap part of the `add_users_to_channel` service inside a distributed lock/mutex in order to avoid the race condition.\n\ud83d\udccf Published: 2025-03-26T14:08:38.915Z\n\ud83d\udccf Modified: 2025-03-26T14:14:38.212Z\n\ud83d\udd17 References:\n1. https://github.com/discourse/discourse/security/advisories/GHSA-hfcx-qjw6-573r\n2. https://github.com/discourse/discourse/commit/a16b2f224860f6678f89f5ffa012f0ede17e4095", "creation_timestamp": "2025-03-26T14:25:09.000000Z"} {"uuid": "d4a7ea4d-257a-4872-b3ae-bd0cf66c1f31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24808", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8845", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24808\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Discourse is an open-source discussion platform. Prior to versions `3.3.4` on the `stable` branch and `3.4.0.beta5` on the `beta` branch, someone who is about to reach the limit of users in a group DM may send requests to add new users in parallel. The requests might all go through ignoring the limit due to a race condition. The patch in versions `3.3.4` and `3.4.0.beta5` uses the `lock` step in service to wrap part of the `add_users_to_channel` service inside a distributed lock/mutex in order to avoid the race condition.\n\ud83d\udccf Published: 2025-03-26T14:08:38.915Z\n\ud83d\udccf Modified: 2025-03-26T14:14:38.212Z\n\ud83d\udd17 References:\n1. https://github.com/discourse/discourse/security/advisories/GHSA-hfcx-qjw6-573r\n2. https://github.com/discourse/discourse/commit/a16b2f224860f6678f89f5ffa012f0ede17e4095", "creation_timestamp": "2025-03-26T14:25:09.000000Z"} https://vulnerability.circl.lu/sighting/d4a7ea4d-257a-4872-b3ae-bd0cf66c1f31/export Wed, 26 Mar 2025 14:25:09 +0000 https://vulnerability.circl.lu/sighting/57228ff8-9f5a-46e6-861e-f87f58747d56/export {"uuid": "57228ff8-9f5a-46e6-861e-f87f58747d56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24808", "type": "seen", "source": "https://t.me/cvedetector/21178", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-24808 - Discourse Race Condition in Group DM User Addition\", \n \"Content\": \"CVE ID : CVE-2025-24808 \nPublished : March 26, 2025, 2:15 p.m. | 28\u00a0minutes ago \nDescription : Discourse is an open-source discussion platform. Prior to versions 3.3.4 on the `stable` branch and `3.4.0.beta5` on the `beta` branch, someone who is about to reach the limit of users in a group DM may send requests to add new users in parallel. The requests might all go through ignoring the limit due to a race condition. The patch in versions `3.3.4` and `3.4.0.beta5` uses the `lock` step in service to wrap part of the `add_users_to_channel` service inside a distributed lock/mutex in order to avoid the race condition. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"26 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T16:23:54.000000Z"} {"uuid": "57228ff8-9f5a-46e6-861e-f87f58747d56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24808", "type": "seen", "source": "https://t.me/cvedetector/21178", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-24808 - Discourse Race Condition in Group DM User Addition\", \n \"Content\": \"CVE ID : CVE-2025-24808 \nPublished : March 26, 2025, 2:15 p.m. | 28\u00a0minutes ago \nDescription : Discourse is an open-source discussion platform. Prior to versions 3.3.4 on the `stable` branch and `3.4.0.beta5` on the `beta` branch, someone who is about to reach the limit of users in a group DM may send requests to add new users in parallel. The requests might all go through ignoring the limit due to a race condition. The patch in versions `3.3.4` and `3.4.0.beta5` uses the `lock` step in service to wrap part of the `add_users_to_channel` service inside a distributed lock/mutex in order to avoid the race condition. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"26 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T16:23:54.000000Z"} https://vulnerability.circl.lu/sighting/57228ff8-9f5a-46e6-861e-f87f58747d56/export Wed, 26 Mar 2025 16:23:54 +0000 https://vulnerability.circl.lu/sighting/d1046a14-ce96-461f-93ae-4f48ded945df/export {"uuid": "d1046a14-ce96-461f-93ae-4f48ded945df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "published-proof-of-concept", "source": "Telegram/oYmpRnsP0n5l9UoNVnmi0Tqagk8hdqptE5SM8rliaeN2ddE", "content": "", "creation_timestamp": "2025-04-19T13:00:06.000000Z"} {"uuid": "d1046a14-ce96-461f-93ae-4f48ded945df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "published-proof-of-concept", "source": "Telegram/oYmpRnsP0n5l9UoNVnmi0Tqagk8hdqptE5SM8rliaeN2ddE", "content": "", "creation_timestamp": "2025-04-19T13:00:06.000000Z"} https://vulnerability.circl.lu/sighting/d1046a14-ce96-461f-93ae-4f48ded945df/export Sat, 19 Apr 2025 13:00:06 +0000 https://vulnerability.circl.lu/sighting/cae2ca9f-d206-424c-8de4-d3d52a53c62d/export {"uuid": "cae2ca9f-d206-424c-8de4-d3d52a53c62d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "published-proof-of-concept", "source": "Telegram/aFwfStP8wFlVkLpHBloIlhn7vOW90LKUAH04hsmOYUZn0T4", "content": "", "creation_timestamp": "2025-05-06T09:00:07.000000Z"} {"uuid": "cae2ca9f-d206-424c-8de4-d3d52a53c62d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "published-proof-of-concept", "source": "Telegram/aFwfStP8wFlVkLpHBloIlhn7vOW90LKUAH04hsmOYUZn0T4", "content": "", "creation_timestamp": "2025-05-06T09:00:07.000000Z"} https://vulnerability.circl.lu/sighting/cae2ca9f-d206-424c-8de4-d3d52a53c62d/export Tue, 06 May 2025 09:00:07 +0000 https://vulnerability.circl.lu/sighting/debbc8cf-04cf-4e6c-adb4-451dfabb5d61/export {"uuid": "debbc8cf-04cf-4e6c-adb4-451dfabb5d61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/35931", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-24801 Exploit \nURL\uff1ahttps://github.com/fatkz/CVE-2025-24801\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-05-07T18:19:52.000000Z"} {"uuid": "debbc8cf-04cf-4e6c-adb4-451dfabb5d61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24801", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/35931", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-24801 Exploit \nURL\uff1ahttps://github.com/fatkz/CVE-2025-24801\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-05-07T18:19:52.000000Z"} https://vulnerability.circl.lu/sighting/debbc8cf-04cf-4e6c-adb4-451dfabb5d61/export Wed, 07 May 2025 18:19:52 +0000