https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 10 May 2026 05:23:33 +0000 https://vulnerability.circl.lu/sighting/a0329bd0-3b1e-444c-8c25-c5657bbd729f/export {"uuid": "a0329bd0-3b1e-444c-8c25-c5657bbd729f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2972", "type": "seen", "source": "https://t.me/cvedetector/21541", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2972 - ConcreteCMS Page Attribute Display Block Handler Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2972 \nPublished : March 31, 2025, 3:15 a.m. | 1\u00a0hour, 27\u00a0minutes ago \nDescription : A vulnerability, which was classified as problematic, has been found in ConcreteCMS up to 9.3.9. Affected by this issue is some unknown functionality of the component Page Attribute Display Block Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"31 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T07:28:44.000000Z"} {"uuid": "a0329bd0-3b1e-444c-8c25-c5657bbd729f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2972", "type": "seen", "source": "https://t.me/cvedetector/21541", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2972 - ConcreteCMS Page Attribute Display Block Handler Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2972 \nPublished : March 31, 2025, 3:15 a.m. | 1\u00a0hour, 27\u00a0minutes ago \nDescription : A vulnerability, which was classified as problematic, has been found in ConcreteCMS up to 9.3.9. Affected by this issue is some unknown functionality of the component Page Attribute Display Block Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"31 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T07:28:44.000000Z"} https://vulnerability.circl.lu/sighting/a0329bd0-3b1e-444c-8c25-c5657bbd729f/export Mon, 31 Mar 2025 07:28:44 +0000 https://vulnerability.circl.lu/sighting/001163c7-f179-4dc5-8a91-a1ab048b73d6/export {"uuid": "001163c7-f179-4dc5-8a91-a1ab048b73d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29720", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114337567683853203", "content": "", "creation_timestamp": "2025-04-14T17:47:07.681784Z"} {"uuid": "001163c7-f179-4dc5-8a91-a1ab048b73d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29720", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114337567683853203", "content": "", "creation_timestamp": "2025-04-14T17:47:07.681784Z"} https://vulnerability.circl.lu/sighting/001163c7-f179-4dc5-8a91-a1ab048b73d6/export Mon, 14 Apr 2025 17:47:07 +0000 https://vulnerability.circl.lu/sighting/0fe705a0-006f-4e03-8dfa-a0abec37b0cf/export {"uuid": "0fe705a0-006f-4e03-8dfa-a0abec37b0cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29720", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmsfw4vsux2q", "content": "", "creation_timestamp": "2025-04-14T20:33:49.755715Z"} {"uuid": "0fe705a0-006f-4e03-8dfa-a0abec37b0cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29720", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmsfw4vsux2q", "content": "", "creation_timestamp": "2025-04-14T20:33:49.755715Z"} https://vulnerability.circl.lu/sighting/0fe705a0-006f-4e03-8dfa-a0abec37b0cf/export Mon, 14 Apr 2025 20:33:49 +0000 https://vulnerability.circl.lu/sighting/b00994c1-96b9-4ab6-827a-791e923309c3/export {"uuid": "b00994c1-96b9-4ab6-827a-791e923309c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29720", "type": "seen", "source": "https://t.me/cvedetector/22883", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-29720 - Dify SSRF\", \n \"Content\": \"CVE ID : CVE-2025-29720 \nPublished : April 14, 2025, 5:15 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : Dify v1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component controllers.console.remote_files.RemoteFileUploadApi. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"14 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-14T21:22:02.000000Z"} {"uuid": "b00994c1-96b9-4ab6-827a-791e923309c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29720", "type": "seen", "source": "https://t.me/cvedetector/22883", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-29720 - Dify SSRF\", \n \"Content\": \"CVE ID : CVE-2025-29720 \nPublished : April 14, 2025, 5:15 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : Dify v1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component controllers.console.remote_files.RemoteFileUploadApi. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"14 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-14T21:22:02.000000Z"} https://vulnerability.circl.lu/sighting/b00994c1-96b9-4ab6-827a-791e923309c3/export Mon, 14 Apr 2025 21:22:02 +0000 https://vulnerability.circl.lu/sighting/6b6be32c-7c02-455a-8853-e1e8f4ec7dbd/export {"uuid": "6b6be32c-7c02-455a-8853-e1e8f4ec7dbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "published-proof-of-concept", "source": "Telegram/EUjFtpfWmQCCiI3QE6k9fNf8U9NSLKRgk3MQ4WNVb8t4qx0", "content": "", "creation_timestamp": "2025-04-15T23:00:05.000000Z"} {"uuid": "6b6be32c-7c02-455a-8853-e1e8f4ec7dbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "published-proof-of-concept", "source": "Telegram/EUjFtpfWmQCCiI3QE6k9fNf8U9NSLKRgk3MQ4WNVb8t4qx0", "content": "", "creation_timestamp": "2025-04-15T23:00:05.000000Z"} https://vulnerability.circl.lu/sighting/6b6be32c-7c02-455a-8853-e1e8f4ec7dbd/export Tue, 15 Apr 2025 23:00:05 +0000 https://vulnerability.circl.lu/sighting/eee69e9a-2805-4e20-b6e3-fed85fd26b0c/export {"uuid": "eee69e9a-2805-4e20-b6e3-fed85fd26b0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12300", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29722\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A CSRF vulnerability in Commercify v1.0 allows remote attackers to perform unauthorized actions on behalf of authenticated users. The issue exists due to missing CSRF protection on sensitive endpoints.\n\ud83d\udccf Published: 2025-04-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T17:34:41.557Z\n\ud83d\udd17 References:\n1. https://github.com/yassmittal/Commercify\n2. https://github.com/cypherdavy/CVE-2025-29722", "creation_timestamp": "2025-04-17T17:57:35.000000Z"} {"uuid": "eee69e9a-2805-4e20-b6e3-fed85fd26b0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12300", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29722\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A CSRF vulnerability in Commercify v1.0 allows remote attackers to perform unauthorized actions on behalf of authenticated users. The issue exists due to missing CSRF protection on sensitive endpoints.\n\ud83d\udccf Published: 2025-04-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T17:34:41.557Z\n\ud83d\udd17 References:\n1. https://github.com/yassmittal/Commercify\n2. https://github.com/cypherdavy/CVE-2025-29722", "creation_timestamp": "2025-04-17T17:57:35.000000Z"} https://vulnerability.circl.lu/sighting/eee69e9a-2805-4e20-b6e3-fed85fd26b0c/export Thu, 17 Apr 2025 17:57:35 +0000 https://vulnerability.circl.lu/sighting/e9ec7fc7-72e2-4865-97b3-d2f54aa493ba/export {"uuid": "e9ec7fc7-72e2-4865-97b3-d2f54aa493ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmzrqzscmr2l", "content": "", "creation_timestamp": "2025-04-17T18:54:29.538144Z"} {"uuid": "e9ec7fc7-72e2-4865-97b3-d2f54aa493ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmzrqzscmr2l", "content": "", "creation_timestamp": "2025-04-17T18:54:29.538144Z"} https://vulnerability.circl.lu/sighting/e9ec7fc7-72e2-4865-97b3-d2f54aa493ba/export Thu, 17 Apr 2025 18:54:29 +0000 https://vulnerability.circl.lu/sighting/ba32ab97-d7cc-4d36-a441-ec18861caf7c/export {"uuid": "ba32ab97-d7cc-4d36-a441-ec18861caf7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "seen", "source": "https://t.me/cvedetector/23270", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-29722 - Commercify CSRF Weakness\", \n \"Content\": \"CVE ID : CVE-2025-29722 \nPublished : April 17, 2025, 6:15 p.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : A CSRF vulnerability in Commercify v1.0 allows remote attackers to perform unauthorized actions on behalf of authenticated users. The issue exists due to missing CSRF protection on sensitive endpoints. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T23:01:09.000000Z"} {"uuid": "ba32ab97-d7cc-4d36-a441-ec18861caf7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "seen", "source": "https://t.me/cvedetector/23270", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-29722 - Commercify CSRF Weakness\", \n \"Content\": \"CVE ID : CVE-2025-29722 \nPublished : April 17, 2025, 6:15 p.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : A CSRF vulnerability in Commercify v1.0 allows remote attackers to perform unauthorized actions on behalf of authenticated users. The issue exists due to missing CSRF protection on sensitive endpoints. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-17T23:01:09.000000Z"} https://vulnerability.circl.lu/sighting/ba32ab97-d7cc-4d36-a441-ec18861caf7c/export Thu, 17 Apr 2025 23:01:09 +0000 https://vulnerability.circl.lu/sighting/1a651481-c376-44e4-8cf0-e441b99dc10a/export {"uuid": "1a651481-c376-44e4-8cf0-e441b99dc10a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-09T13:26:56.000000Z"} {"uuid": "1a651481-c376-44e4-8cf0-e441b99dc10a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-09T13:26:56.000000Z"} https://vulnerability.circl.lu/sighting/1a651481-c376-44e4-8cf0-e441b99dc10a/export Sat, 09 Aug 2025 13:26:56 +0000 https://vulnerability.circl.lu/sighting/11cf2a41-339c-4a75-a394-eee8c64976b7/export {"uuid": "11cf2a41-339c-4a75-a394-eee8c64976b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-11T18:47:38.000000Z"} {"uuid": "11cf2a41-339c-4a75-a394-eee8c64976b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29722", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-11T18:47:38.000000Z"} https://vulnerability.circl.lu/sighting/11cf2a41-339c-4a75-a394-eee8c64976b7/export Mon, 11 Aug 2025 18:47:38 +0000