https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 23 Jun 2026 19:49:37 +0000 https://vulnerability.circl.lu/sighting/726772ef-4a2b-45c9-a681-2d1dcca99088/export {"uuid": "726772ef-4a2b-45c9-a681-2d1dcca99088", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-20)", "content": "", "creation_timestamp": "2026-03-20T00:00:00.000000Z"} {"uuid": "726772ef-4a2b-45c9-a681-2d1dcca99088", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-20)", "content": "", "creation_timestamp": "2026-03-20T00:00:00.000000Z"} https://vulnerability.circl.lu/sighting/726772ef-4a2b-45c9-a681-2d1dcca99088/export Fri, 20 Mar 2026 00:00:00 +0000 https://vulnerability.circl.lu/sighting/a70f0cfb-d52f-4e49-b490-3173e71d9cbb/export {"uuid": "a70f0cfb-d52f-4e49-b490-3173e71d9cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "seen", "source": "https://bsky.app/profile/hackmag.com/post/3mhkaqgak6e2o", "content": "", "creation_timestamp": "2026-03-21T05:00:07.243564Z"} {"uuid": "a70f0cfb-d52f-4e49-b490-3173e71d9cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "seen", "source": "https://bsky.app/profile/hackmag.com/post/3mhkaqgak6e2o", "content": "", "creation_timestamp": "2026-03-21T05:00:07.243564Z"} https://vulnerability.circl.lu/sighting/a70f0cfb-d52f-4e49-b490-3173e71d9cbb/export Sat, 21 Mar 2026 05:00:07 +0000 https://vulnerability.circl.lu/sighting/2b26654c-923c-435f-8300-045191803031/export {"uuid": "2b26654c-923c-435f-8300-045191803031", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-26)", "content": "", "creation_timestamp": "2026-03-26T00:00:00.000000Z"} {"uuid": "2b26654c-923c-435f-8300-045191803031", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-26)", "content": "", "creation_timestamp": "2026-03-26T00:00:00.000000Z"} https://vulnerability.circl.lu/sighting/2b26654c-923c-435f-8300-045191803031/export Thu, 26 Mar 2026 00:00:00 +0000 https://vulnerability.circl.lu/sighting/a17dabec-a4a7-4283-9898-879d667f0115/export {"uuid": "a17dabec-a4a7-4283-9898-879d667f0115", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3mj3eardusz2w", "content": "", "creation_timestamp": "2026-04-09T17:43:22.449569Z"} {"uuid": "a17dabec-a4a7-4283-9898-879d667f0115", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3mj3eardusz2w", "content": "", "creation_timestamp": "2026-04-09T17:43:22.449569Z"} https://vulnerability.circl.lu/sighting/a17dabec-a4a7-4283-9898-879d667f0115/export Thu, 09 Apr 2026 17:43:22 +0000 https://vulnerability.circl.lu/sighting/205f6560-cf11-4af9-9f15-e696dd2208d3/export {"uuid": "205f6560-cf11-4af9-9f15-e696dd2208d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "seen", "source": "Telegram/6_gD9pQtVCg_eRlU_-Eqvw6JM83wq5C4Rc0rf2uF-yzttPU", "content": "", "creation_timestamp": "2026-05-13T09:00:04.000000Z"} {"uuid": "205f6560-cf11-4af9-9f15-e696dd2208d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "seen", "source": "Telegram/6_gD9pQtVCg_eRlU_-Eqvw6JM83wq5C4Rc0rf2uF-yzttPU", "content": "", "creation_timestamp": "2026-05-13T09:00:04.000000Z"} https://vulnerability.circl.lu/sighting/205f6560-cf11-4af9-9f15-e696dd2208d3/export Wed, 13 May 2026 09:00:04 +0000 https://vulnerability.circl.lu/sighting/920c4010-02a6-4db4-ae9f-7f4b1644a008/export {"uuid": "920c4010-02a6-4db4-ae9f-7f4b1644a008", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-54236", "type": "seen", "source": "https://bsky.app/profile/konvis.bsky.social/post/3mmetej5rtafs", "content": "Session Reaper Bug \u2013 kritischer Bug in Magento Onlineshop (CVE-2025-54236)\n\nEben kam die Info bei uns an, dass es leider wieder einen kritischen Magento Sicherheitsbug gibt. Es...\n\nhttps://www.konvis.de/neuigkeiten/magento/sessionreaper-bug-kritischer-bug-in-magento-onlineshop-cve-2025-54236/", "creation_timestamp": "2026-05-21T16:23:27.678312Z"} {"uuid": "920c4010-02a6-4db4-ae9f-7f4b1644a008", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-54236", "type": "seen", "source": "https://bsky.app/profile/konvis.bsky.social/post/3mmetej5rtafs", "content": "Session Reaper Bug \u2013 kritischer Bug in Magento Onlineshop (CVE-2025-54236)\n\nEben kam die Info bei uns an, dass es leider wieder einen kritischen Magento Sicherheitsbug gibt. Es...\n\nhttps://www.konvis.de/neuigkeiten/magento/sessionreaper-bug-kritischer-bug-in-magento-onlineshop-cve-2025-54236/", "creation_timestamp": "2026-05-21T16:23:27.678312Z"} https://vulnerability.circl.lu/sighting/920c4010-02a6-4db4-ae9f-7f4b1644a008/export Thu, 21 May 2026 16:23:27 +0000 https://vulnerability.circl.lu/sighting/2cb6cfa4-1000-4f67-ac1a-f2ce1af85faa/export {"uuid": "2cb6cfa4-1000-4f67-ac1a-f2ce1af85faa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "seen", "source": "Telegram/Ob2oA_mupoVDMqE6Q_QCizAK8aYtg6z11DPx_SkAfocJmb0", "content": "", "creation_timestamp": "2026-05-24T21:00:04.000000Z"} {"uuid": "2cb6cfa4-1000-4f67-ac1a-f2ce1af85faa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "seen", "source": "Telegram/Ob2oA_mupoVDMqE6Q_QCizAK8aYtg6z11DPx_SkAfocJmb0", "content": "", "creation_timestamp": "2026-05-24T21:00:04.000000Z"} https://vulnerability.circl.lu/sighting/2cb6cfa4-1000-4f67-ac1a-f2ce1af85faa/export Sun, 24 May 2026 21:00:04 +0000 https://vulnerability.circl.lu/sighting/47105baa-19bd-4344-bfbf-b2f6a0c35849/export {"uuid": "47105baa-19bd-4344-bfbf-b2f6a0c35849", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "published-proof-of-concept", "source": "https://t.me/captainsmok3r_official/349", "content": "many people ask me:\nWhat is this vulnerability where attackers upload .txt files (like cox.txt) to websites with these paths? like:\nhttps://www.elgrantlapalero.com/media/customer_address/c/o/cox.txt\nhttps://tulip.store.oysterskin.ai/media/customer_address/a/z/azraelzeroday.txt\nhttps://zone-h.org/mirror/id/42506300\nAnswer: \nThese are two popular unauthenticated file upload vulnerabilities in Magento 2 / Adobe Commerce.\n1. SessionReaper (CVE-2025-54236) Uses the path: /media/customer_address/c/o/cox.txt Comes from the customer address file upload feature (/customer/address_file/upload).\n2. PolyShell (newer vulnerability) \nUses the path: /media/custom_options/quote/.../*.txt Exploited through the REST API when adding items to the cart with custom file options.\npoc:\nhttps://github.com/Baba01hacker666/cve-2025-54236", "creation_timestamp": "2026-06-04T14:09:50.000000Z"} {"uuid": "47105baa-19bd-4344-bfbf-b2f6a0c35849", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "published-proof-of-concept", "source": "https://t.me/captainsmok3r_official/349", "content": "many people ask me:\nWhat is this vulnerability where attackers upload .txt files (like cox.txt) to websites with these paths? like:\nhttps://www.elgrantlapalero.com/media/customer_address/c/o/cox.txt\nhttps://tulip.store.oysterskin.ai/media/customer_address/a/z/azraelzeroday.txt\nhttps://zone-h.org/mirror/id/42506300\nAnswer: \nThese are two popular unauthenticated file upload vulnerabilities in Magento 2 / Adobe Commerce.\n1. SessionReaper (CVE-2025-54236) Uses the path: /media/customer_address/c/o/cox.txt Comes from the customer address file upload feature (/customer/address_file/upload).\n2. PolyShell (newer vulnerability) \nUses the path: /media/custom_options/quote/.../*.txt Exploited through the REST API when adding items to the cart with custom file options.\npoc:\nhttps://github.com/Baba01hacker666/cve-2025-54236", "creation_timestamp": "2026-06-04T14:09:50.000000Z"} https://vulnerability.circl.lu/sighting/47105baa-19bd-4344-bfbf-b2f6a0c35849/export Thu, 04 Jun 2026 14:09:50 +0000 https://vulnerability.circl.lu/sighting/324db1a8-5fe0-4f33-bdc3-a9f325f1b50f/export {"uuid": "324db1a8-5fe0-4f33-bdc3-a9f325f1b50f", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7e217d80-c444-43cf-a298-ce880d13b485", "content": "", "creation_timestamp": "2026-06-19T12:45:23.154464Z"} {"uuid": "324db1a8-5fe0-4f33-bdc3-a9f325f1b50f", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/7e217d80-c444-43cf-a298-ce880d13b485", "content": "", "creation_timestamp": "2026-06-19T12:45:23.154464Z"} https://vulnerability.circl.lu/sighting/324db1a8-5fe0-4f33-bdc3-a9f325f1b50f/export Fri, 19 Jun 2026 12:45:23 +0000 https://vulnerability.circl.lu/sighting/cc325ce1-c233-47e2-a9c6-01aced0e70b5/export {"uuid": "cc325ce1-c233-47e2-a9c6-01aced0e70b5", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/529db509-c992-45cb-9674-cf0ea04079f4", "content": "", "creation_timestamp": "2026-06-23T14:03:48.572839Z"} {"uuid": "cc325ce1-c233-47e2-a9c6-01aced0e70b5", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-54236", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/529db509-c992-45cb-9674-cf0ea04079f4", "content": "", "creation_timestamp": "2026-06-23T14:03:48.572839Z"} https://vulnerability.circl.lu/sighting/cc325ce1-c233-47e2-a9c6-01aced0e70b5/export Tue, 23 Jun 2026 14:03:48 +0000