<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Tue, 07 Jul 2026 09:52:14 +0000</lastBuildDate>
    <item>
      <title>c1f4aaa1-53e6-4b85-a01e-c6d2354a9ff0</title>
      <link>https://vulnerability.circl.lu/sighting/c1f4aaa1-53e6-4b85-a01e-c6d2354a9ff0/export</link>
      <description>{"uuid": "c1f4aaa1-53e6-4b85-a01e-c6d2354a9ff0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25131", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:02.000000Z"}</description>
      <content:encoded>{"uuid": "c1f4aaa1-53e6-4b85-a01e-c6d2354a9ff0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25131", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-16T03:45:02.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c1f4aaa1-53e6-4b85-a01e-c6d2354a9ff0/export</guid>
      <pubDate>Tue, 16 Sep 2025 03:45:02 +0000</pubDate>
    </item>
    <item>
      <title>9167ae56-4303-4655-a91c-bd4bf42cf7c7</title>
      <link>https://vulnerability.circl.lu/sighting/9167ae56-4303-4655-a91c-bd4bf42cf7c7/export</link>
      <description>{"uuid": "9167ae56-4303-4655-a91c-bd4bf42cf7c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25131", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:32.000000Z"}</description>
      <content:encoded>{"uuid": "9167ae56-4303-4655-a91c-bd4bf42cf7c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25131", "type": "seen", "source": "MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f", "content": "", "creation_timestamp": "2025-09-15T13:28:32.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9167ae56-4303-4655-a91c-bd4bf42cf7c7/export</guid>
      <pubDate>Mon, 15 Sep 2025 13:28:32 +0000</pubDate>
    </item>
    <item>
      <title>46d7eeb0-b07c-4823-b78a-8630e6a8ff31</title>
      <link>https://vulnerability.circl.lu/sighting/46d7eeb0-b07c-4823-b78a-8630e6a8ff31/export</link>
      <description>{"uuid": "46d7eeb0-b07c-4823-b78a-8630e6a8ff31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25132", "type": "seen", "source": "https://t.me/cvedetector/20662", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-25132 - OpenShift Dedicated Hive Hibernation Controller Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-25132 \nPublished : March 19, 2025, 6:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : A flaw was found in the Hive hibernation controller component of OpenShift Dedicated. The ClusterDeployment.hive.openshift.io/v1 resource can be created with the spec.installed field set to true, regardless of the installation status, and a positive timespan for the spec.hibernateAfter value. If a ClusterSync.hiveinternal.openshift.io/v1alpha1 resource is also created, the hive hibernation controller will enter the reconciliation loop leading to a panic when accessing a non-existing field in the ClusterDeployment\u2019s status section, resulting in a denial of service. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T20:29:49.000000Z"}</description>
      <content:encoded>{"uuid": "46d7eeb0-b07c-4823-b78a-8630e6a8ff31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25132", "type": "seen", "source": "https://t.me/cvedetector/20662", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-25132 - OpenShift Dedicated Hive Hibernation Controller Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-25132 \nPublished : March 19, 2025, 6:15 p.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : A flaw was found in the Hive hibernation controller component of OpenShift Dedicated. The ClusterDeployment.hive.openshift.io/v1 resource can be created with the spec.installed field set to true, regardless of the installation status, and a positive timespan for the spec.hibernateAfter value. If a ClusterSync.hiveinternal.openshift.io/v1alpha1 resource is also created, the hive hibernation controller will enter the reconciliation loop leading to a panic when accessing a non-existing field in the ClusterDeployment\u2019s status section, resulting in a denial of service. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T20:29:49.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/46d7eeb0-b07c-4823-b78a-8630e6a8ff31/export</guid>
      <pubDate>Wed, 19 Mar 2025 20:29:49 +0000</pubDate>
    </item>
    <item>
      <title>c53f2fe9-a122-4209-9f59-6f28d8c5effa</title>
      <link>https://vulnerability.circl.lu/sighting/c53f2fe9-a122-4209-9f59-6f28d8c5effa/export</link>
      <description>{"uuid": "c53f2fe9-a122-4209-9f59-6f28d8c5effa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25132", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8111", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-25132\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: A flaw was found in the Hive hibernation controller component of OpenShift Dedicated. The ClusterDeployment.hive.openshift.io/v1 resource can be created with the spec.installed field set to true, regardless of the installation status, and a positive timespan for the spec.hibernateAfter value. If a ClusterSync.hiveinternal.openshift.io/v1alpha1 resource is also created, the hive hibernation controller will enter the reconciliation loop leading to a panic when accessing a non-existing field in the ClusterDeployment\u2019s status section, resulting in a denial of service.\n\ud83d\udccf Published: 2025-03-19T17:57:14.659Z\n\ud83d\udccf Modified: 2025-03-19T17:57:14.659Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2024-25132\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2260371", "creation_timestamp": "2025-03-19T18:19:31.000000Z"}</description>
      <content:encoded>{"uuid": "c53f2fe9-a122-4209-9f59-6f28d8c5effa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25132", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8111", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-25132\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)\n\ud83d\udd39 Description: A flaw was found in the Hive hibernation controller component of OpenShift Dedicated. The ClusterDeployment.hive.openshift.io/v1 resource can be created with the spec.installed field set to true, regardless of the installation status, and a positive timespan for the spec.hibernateAfter value. If a ClusterSync.hiveinternal.openshift.io/v1alpha1 resource is also created, the hive hibernation controller will enter the reconciliation loop leading to a panic when accessing a non-existing field in the ClusterDeployment\u2019s status section, resulting in a denial of service.\n\ud83d\udccf Published: 2025-03-19T17:57:14.659Z\n\ud83d\udccf Modified: 2025-03-19T17:57:14.659Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2024-25132\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2260371", "creation_timestamp": "2025-03-19T18:19:31.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c53f2fe9-a122-4209-9f59-6f28d8c5effa/export</guid>
      <pubDate>Wed, 19 Mar 2025 18:19:31 +0000</pubDate>
    </item>
    <item>
      <title>17b39658-e58e-44ff-a27a-9100be6e06e3</title>
      <link>https://vulnerability.circl.lu/sighting/17b39658-e58e-44ff-a27a-9100be6e06e3/export</link>
      <description>{"uuid": "17b39658-e58e-44ff-a27a-9100be6e06e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25130", "type": "seen", "source": "Telegram/fZ5sjqAWXWkXTJC_HYes_Y5C9nfL1tnr0fwOrXKMXwr8NRuZ", "content": "", "creation_timestamp": "2025-02-06T02:44:21.000000Z"}</description>
      <content:encoded>{"uuid": "17b39658-e58e-44ff-a27a-9100be6e06e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25130", "type": "seen", "source": "Telegram/fZ5sjqAWXWkXTJC_HYes_Y5C9nfL1tnr0fwOrXKMXwr8NRuZ", "content": "", "creation_timestamp": "2025-02-06T02:44:21.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/17b39658-e58e-44ff-a27a-9100be6e06e3/export</guid>
      <pubDate>Thu, 06 Feb 2025 02:44:21 +0000</pubDate>
    </item>
    <item>
      <title>b9bd1c5c-1779-44d6-959e-069479c37d7e</title>
      <link>https://vulnerability.circl.lu/sighting/b9bd1c5c-1779-44d6-959e-069479c37d7e/export</link>
      <description>{"uuid": "b9bd1c5c-1779-44d6-959e-069479c37d7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25133", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lep7dawqm42e", "content": "", "creation_timestamp": "2025-01-01T18:36:23.042420Z"}</description>
      <content:encoded>{"uuid": "b9bd1c5c-1779-44d6-959e-069479c37d7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25133", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lep7dawqm42e", "content": "", "creation_timestamp": "2025-01-01T18:36:23.042420Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b9bd1c5c-1779-44d6-959e-069479c37d7e/export</guid>
      <pubDate>Wed, 01 Jan 2025 18:36:23 +0000</pubDate>
    </item>
    <item>
      <title>5b6c4f6b-4737-427e-b10a-56b9ea89a083</title>
      <link>https://vulnerability.circl.lu/sighting/5b6c4f6b-4737-427e-b10a-56b9ea89a083/export</link>
      <description>{"uuid": "5b6c4f6b-4737-427e-b10a-56b9ea89a083", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25133", "type": "seen", "source": "https://t.me/cvedetector/14037", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-25133 - OpenShift Dedicated Hive ClusterDeployments Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-25133 \nPublished : Dec. 31, 2024, 3:15 p.m. | 40\u00a0minutes ago \nDescription : A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-controllers pod. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-31T17:03:37.000000Z"}</description>
      <content:encoded>{"uuid": "5b6c4f6b-4737-427e-b10a-56b9ea89a083", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25133", "type": "seen", "source": "https://t.me/cvedetector/14037", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-25133 - OpenShift Dedicated Hive ClusterDeployments Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-25133 \nPublished : Dec. 31, 2024, 3:15 p.m. | 40\u00a0minutes ago \nDescription : A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-controllers pod. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-31T17:03:37.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5b6c4f6b-4737-427e-b10a-56b9ea89a083/export</guid>
      <pubDate>Tue, 31 Dec 2024 17:03:37 +0000</pubDate>
    </item>
    <item>
      <title>d41e64b2-575a-4d53-beaa-9e4108f69194</title>
      <link>https://vulnerability.circl.lu/sighting/d41e64b2-575a-4d53-beaa-9e4108f69194/export</link>
      <description>{"uuid": "d41e64b2-575a-4d53-beaa-9e4108f69194", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25133", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lemdngv5ve25", "content": "", "creation_timestamp": "2024-12-31T15:15:47.057979Z"}</description>
      <content:encoded>{"uuid": "d41e64b2-575a-4d53-beaa-9e4108f69194", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25133", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lemdngv5ve25", "content": "", "creation_timestamp": "2024-12-31T15:15:47.057979Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d41e64b2-575a-4d53-beaa-9e4108f69194/export</guid>
      <pubDate>Tue, 31 Dec 2024 15:15:47 +0000</pubDate>
    </item>
    <item>
      <title>e158a486-7a90-4ec5-aa4a-746df9bfafff</title>
      <link>https://vulnerability.circl.lu/sighting/e158a486-7a90-4ec5-aa4a-746df9bfafff/export</link>
      <description>{"uuid": "e158a486-7a90-4ec5-aa4a-746df9bfafff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25133", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113747904621900088", "content": "", "creation_timestamp": "2024-12-31T14:28:03.480372Z"}</description>
      <content:encoded>{"uuid": "e158a486-7a90-4ec5-aa4a-746df9bfafff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25133", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113747904621900088", "content": "", "creation_timestamp": "2024-12-31T14:28:03.480372Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e158a486-7a90-4ec5-aa4a-746df9bfafff/export</guid>
      <pubDate>Tue, 31 Dec 2024 14:28:03 +0000</pubDate>
    </item>
    <item>
      <title>37a9fc7a-263d-4cc8-ba6f-7b794b3f7507</title>
      <link>https://vulnerability.circl.lu/sighting/37a9fc7a-263d-4cc8-ba6f-7b794b3f7507/export</link>
      <description>{"uuid": "37a9fc7a-263d-4cc8-ba6f-7b794b3f7507", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25131", "type": "seen", "source": "https://t.me/cvedetector/13334", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-25131 - OpenShift Dedicated MustGather Custom Defined Resource Privilege Escalation Persistence Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-25131 \nPublished : Dec. 19, 2024, 3:15 p.m. | 43\u00a0minutes ago \nDescription : A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource (CRD) of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard developer user to escalate their privileges to a cluster administrator and pivot to the AWS environment. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T17:19:37.000000Z"}</description>
      <content:encoded>{"uuid": "37a9fc7a-263d-4cc8-ba6f-7b794b3f7507", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25131", "type": "seen", "source": "https://t.me/cvedetector/13334", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-25131 - OpenShift Dedicated MustGather Custom Defined Resource Privilege Escalation Persistence Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-25131 \nPublished : Dec. 19, 2024, 3:15 p.m. | 43\u00a0minutes ago \nDescription : A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource (CRD) of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard developer user to escalate their privileges to a cluster administrator and pivot to the AWS environment. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T17:19:37.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/37a9fc7a-263d-4cc8-ba6f-7b794b3f7507/export</guid>
      <pubDate>Thu, 19 Dec 2024 17:19:37 +0000</pubDate>
    </item>
  </channel>
</rss>
