{"vulnerability": "CVE-2019-9874", "sightings": [{"uuid": "88da2cf7-de05-4fa1-8cb0-b3f2431e0637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://thehackernews.com/2025/03/cisa-flags-two-six-year-old-sitecore.html", "content": "", "creation_timestamp": "2025-03-27T05:23:00.000000Z"}, {"uuid": "5b756c14-ae11-4cdf-9837-dd855895a9f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3llola7qaum22", "content": "", "creation_timestamp": "2025-03-31T14:33:42.580669Z"}, {"uuid": "3b5690b7-0532-44ad-bce9-b70a1f0289fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3llcqscwrtk24", "content": "", "creation_timestamp": "2025-03-26T21:40:45.856195Z"}, {"uuid": "d5a87cdb-230b-43e3-a68c-c07d012ca711", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3llqgmezaza42", "content": "", "creation_timestamp": "2025-04-01T08:16:10.203038Z"}, {"uuid": "7055be3e-8529-4704-82db-18100f10d9b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llcqprf46s2m", "content": "", "creation_timestamp": "2025-03-26T21:39:21.396140Z"}, {"uuid": "788df6c7-da85-48d1-9418-25d7f62fd1ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llddug4zvs24", "content": "", "creation_timestamp": "2025-03-27T03:21:57.653027Z"}, {"uuid": "bf2e075e-8e5f-4adc-865d-15a3b5664a58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lldnydutzx2r", "content": "", "creation_timestamp": "2025-03-27T06:23:07.550017Z"}, {"uuid": "ac940111-d6ac-47da-9003-71e306dce596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3llev6nnik22q", "content": "", "creation_timestamp": "2025-03-27T18:04:37.701324Z"}, {"uuid": "06375a9f-b05f-4e6c-8e73-01dd0094f144", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llci45jqpj2n", "content": "", "creation_timestamp": "2025-03-26T19:05:11.723883Z"}, {"uuid": "f3b661d7-0056-4584-9d2c-071383dde63d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llcgyjkq4x2s", "content": "", "creation_timestamp": "2025-03-26T18:45:16.596848Z"}, {"uuid": "1434f8e3-db85-43d0-9674-5b1fd90573bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3llew35zjy22c", "content": "", "creation_timestamp": "2025-03-27T18:20:31.492240Z"}, {"uuid": "231f7f1b-d266-4c18-ab59-741da6028a60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3llew35zjy32c", "content": "", "creation_timestamp": "2025-03-27T18:20:32.497207Z"}, {"uuid": "6dbfaa57-2ed5-4d2b-96fa-3038160d1a77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llf73zauip2e", "content": "", "creation_timestamp": "2025-03-27T21:02:03.254277Z"}, {"uuid": "2b8231b0-fe70-4755-8cac-8c488e03c01f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-29T03:12:13.000000Z"}, {"uuid": "3c65ecc9-f9fd-4b30-a1ca-1293ce1b771e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/harmonic-osc.bsky.social/post/3llfp55wnq22m", "content": "", "creation_timestamp": "2025-03-28T01:49:03.464811Z"}, {"uuid": "b3874d50-2d93-466d-adee-0f2224c275e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3llgf5bjbymc2", "content": "", "creation_timestamp": "2025-03-28T08:24:45.695761Z"}, {"uuid": "2bef437f-e765-483d-8cad-30afb75bc252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3llgiekpb6hc2", "content": "", "creation_timestamp": "2025-03-28T09:21:00.918239Z"}, {"uuid": "94ee2bef-9fca-4795-aed9-563922520c1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3llqiv35oy562", "content": "", "creation_timestamp": "2025-04-01T08:56:38.548401Z"}, {"uuid": "eda52727-b691-46c9-91e0-9ebddc5dbdc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lpigde3cat2g", "content": "", "creation_timestamp": "2025-05-19T01:30:11.472014Z"}, {"uuid": "610b53af-d3dc-4b85-b8b4-0b38c86b5054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:48:00.000000Z"}, {"uuid": "ba17d3df-f2e9-4ca5-8e80-b475e18264a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-28T08:23:31.000000Z"}, {"uuid": "751e63a9-09e3-41fa-9ba4-50d7a86b5958", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3llqkdf42gok2", "content": "", "creation_timestamp": "2025-04-01T09:22:23.921942Z"}, {"uuid": "3d2a277f-dd0b-4a3b-9b53-a3efd839169c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3llqotkv7hlk2", "content": "", "creation_timestamp": "2025-04-01T10:44:12.672298Z"}, {"uuid": "d0b72538-8ba6-40e6-b722-253a86bc214d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3llgmskxjnzb2", "content": "", "creation_timestamp": "2025-03-28T10:40:14.698639Z"}, {"uuid": "1285e043-15d8-4952-9275-ef08c43f43fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llkhomli3c2b", "content": "", "creation_timestamp": "2025-03-29T23:18:58.669052Z"}, {"uuid": "7a8deba4-0fda-4e18-99e1-fce20f73dd2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2019/CVE-2019-9874.yaml", "content": "", "creation_timestamp": "2025-10-05T06:07:22.000000Z"}, {"uuid": "d47c6c16-e7b1-449b-8d7b-bf27b5aa6c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:45.000000Z"}, {"uuid": "25bfa863-0365-4d18-b25f-c24d1e702c90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m2pk24qxhh2a", "content": "", "creation_timestamp": "2025-10-08T21:02:23.803270Z"}, {"uuid": "e7400e09-e647-4f3a-9dbd-1b6c7d9e7c68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-26)", "content": "", "creation_timestamp": "2026-03-26T00:00:00.000000Z"}, {"uuid": "f96af3e0-84a8-4b34-959d-f8335e48de6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-22)", "content": "", "creation_timestamp": "2026-03-22T00:00:00.000000Z"}, {"uuid": "4d8f41c9-5c87-48c9-82aa-7aa0c80b29ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8992", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2019-9874\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Deserialization of Untrusted Data in the Sitecore.Security.AntiCSRF (aka anti CSRF) module in Sitecore CMS 7.0 to 7.2 and Sitecore XP 7.5 to 8.2 allows an unauthenticated attacker to execute arbitrary code by sending a serialized .NET object in the HTTP POST parameter __CSRFTOKEN.\n\ud83d\udccf Published: 2019-05-31T20:11:49.000Z\n\ud83d\udccf Modified: 2025-03-26T22:20:23.218Z\n\ud83d\udd17 References:\n1. https://dev.sitecore.net/Downloads.aspx\n2. https://www.synacktiv.com/blog.html\n3. https://www.synacktiv.com/ressources/advisories/Sitecore_CSRF_deserialize_RCE.pdf", "creation_timestamp": "2025-03-26T22:25:29.000000Z"}, {"uuid": "e6a08511-411e-48a9-815d-862c9425d2c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2019-9874", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/6296e3ff-700f-4392-b387-ce7fb2fe2572", "content": "", "creation_timestamp": "2026-02-02T12:26:04.872876Z"}, {"uuid": "3742c993-a9ab-4e8b-94c6-9a8ae8647408", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "exploited", "source": "https://t.me/ton618cyber/8265", "content": "CISA Flags Two Six-Year-Old Sitecore Flaws Amid Active Exploitation Evidence\n\nCISA adds Sitecore flaws CVE-2019-9874 and CVE-2019-9875 to KEV amid active exploitation and agency patch mandates.\n\nThe Hacker News | thehackernews.com \u2022 Mar 27, 2025", "creation_timestamp": "2025-03-28T16:21:03.000000Z"}, {"uuid": "765c312d-189a-4214-abe0-c4bf6dabab8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "exploited", "source": "https://t.me/ton618cyber/3291", "content": "CISA Flags Two Six-Year-Old Sitecore Flaws Amid Active Exploitation Evidence\n\nCISA adds Sitecore flaws CVE-2019-9874 and CVE-2019-9875 to KEV amid active exploitation and agency patch mandates.\n\nThe Hacker News | thehackernews.com \u2022 Mar 27, 2025", "creation_timestamp": "2025-03-28T16:21:04.000000Z"}, {"uuid": "6df3bbc3-b9ff-4a43-9602-3de98fa5e1df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "exploited", "source": "Telegram/vnfGcgZTmw9_EVWHSdT2Dra1ah-m73-CsaqZjzFekCo33A", "content": "", "creation_timestamp": "2025-03-27T09:30:43.000000Z"}, {"uuid": "6c3fc3c5-5cee-4f6a-b25b-47b1a8189c47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "exploited", "source": "https://t.me/thehackernews/6564", "content": "\ud83d\udc40 6-year-old bugs are back\u2014and being weaponized.\n\nCISA just flagged two 2019 Sitecore RCE flaws (CVE-2019-9874 &amp; 9875) as actively exploited.\n\nBut it doesn\u2019t stop there:\n\u27a1\ufe0f Next.js auth bypass (CVE-2025-29927) is under live attack\n\u27a1\ufe0f DrayTek routers face fresh waves targeting old RCE/LFI bugs.\n\n\ud83d\udd17 Details: https://thehackernews.com/2025/03/cisa-flags-two-six-year-old-sitecore.html\n\nOld CVEs. New exploits. Patch now.", "creation_timestamp": "2025-03-27T07:26:21.000000Z"}, {"uuid": "2c4a0184-3495-410d-bc46-bba6a37815aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-9874", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-03)", "content": "", "creation_timestamp": "2026-05-03T00:00:00.000000Z"}]}