{"vulnerability": "CVE-2024-5769", "sightings": [{"uuid": "8ddd0122-f546-45f9-8136-6821d23bd110", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5769", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfcki77pnh2e", "content": "", "creation_timestamp": "2025-01-09T11:16:33.847107Z"}, {"uuid": "911bc58e-4305-46f0-a062-cc888fc5df08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5769", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113798459475482726", "content": "", "creation_timestamp": "2025-01-09T12:44:49.886755Z"}, {"uuid": "940d01cf-6f49-4440-a838-ec7dfefa033a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57699", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhhlymxzbi2f", "content": "", "creation_timestamp": "2025-02-05T22:17:20.834339Z"}, {"uuid": "3cd6d0a5-c696-4856-a639-d663621f490e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-57699", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-di-sicurezza-prodotti-atlassian", "content": "", "creation_timestamp": "2026-02-20T13:38:22.000000Z"}, {"uuid": "49259673-4e58-467f-b62c-a5a6f81d1adb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57698", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnyhw27dtf2h", "content": "", "creation_timestamp": "2025-04-29T23:50:44.767117Z"}, {"uuid": "b27776a2-69a0-4c80-a34d-7edc0ba5639b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57695", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5ehvfw23r2n", "content": "", "creation_timestamp": "2025-11-11T15:40:14.397574Z"}, {"uuid": "5444f260-061d-420a-9344-21eb86c2343f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-57699", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0314/", "content": "", "creation_timestamp": "2026-03-18T00:00:00.000000Z"}, {"uuid": "ff0f51e0-3bcc-4313-aecb-a3752838eadf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57695", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5eon25pjmp2", "content": "", "creation_timestamp": "2025-11-11T17:41:29.201318Z"}, {"uuid": "0e6d9fcb-f2ad-47a3-b241-559818f36df4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-57699", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1729", "content": "", "creation_timestamp": "2026-01-21T04:00:00.000000Z"}, {"uuid": "bb5463fb-bfb2-47b9-9e8f-e7f595c13c9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57699", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mhdo3de6y72z", "content": "", "creation_timestamp": "2026-03-18T14:10:12.445738Z"}, {"uuid": "0b7ea1c9-6df9-49e9-9bb0-e992c12685d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-57699", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875", "content": "", "creation_timestamp": "2026-01-21T21:18:16.771453Z"}, {"uuid": "9f8113e4-d1a2-46e5-98fe-27b93fdf615f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57699", "type": "seen", "source": "https://t.me/cvedetector/17343", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57699 - Netplex Json-smart Denial of Service (DoS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57699 \nPublished : Feb. 5, 2025, 10:15 p.m. | 2\u00a0hours, 1\u00a0minute ago \nDescription : A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially crafted JSON input, containing a large number of \u2019{\u2019, a stack exhaustion can be trigger, which could allow an attacker to cause a Denial of Service (DoS). This issue exists because of an incomplete fix for CVE-2023-1370. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-06T01:50:52.000000Z"}, {"uuid": "0477519c-da01-4432-9907-abf4fccb9533", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57698", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13905", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57698\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in modernwms v.1.0 allows an attacker view the MD5 hash of the administrator password and other attributes without authentication, even after initial configuration and password change. This happens due to excessive exposure of information and the lack of adequate access control on the /user/list?culture=en-us endpoint.\n\ud83d\udccf Published: 2025-04-29T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T20:05:11.346Z\n\ud83d\udd17 References:\n1. https://github.com/rodolfomarianocy/xpl-ModernWMS", "creation_timestamp": "2025-04-29T20:12:24.000000Z"}, {"uuid": "e31f6dfe-1141-491d-b6d4-2c87c9b9c2ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5769", "type": "seen", "source": "https://t.me/cvedetector/14827", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5769 - \"Wordpress MIMO Woocommerce Order Tracking Plugin Unauthorized Data Modification Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-5769 \nPublished : Jan. 9, 2025, 11:15 a.m. | 22\u00a0minutes ago \nDescription : The MIMO Woocommerce Order Tracking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to add, update, and delete shipper tracking settings. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T12:44:36.000000Z"}, {"uuid": "3732baca-34b6-4537-90dc-b540f69b8307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57699", "type": "seen", "source": "https://t.me/true_secator/7151", "content": "\u0412 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u0438 \u043d\u0435\u0434\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0442\u0438\u043c \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0443\u0433\u0440\u043e\u0437\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0438\u043c\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f:\n\n1. BeyondTrust \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043a\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u0441\u0442\u043e\u043b\u0430.\n\nCVE-2025-5309 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Resilion\u00a0\u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b BeyondTrust Remote Support \u0438 Privileged Remote Access. \n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0448\u0430\u0431\u043b\u043e\u043d\u0438\u0437\u0430\u0442\u043e\u0440 BeyondTrust \u0438 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b.\n\n2. Citrix \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u00a0\u0434\u043b\u044f \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0442\u0440\u0435\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 (CVE-2025-5777) \u0432 NetScaler ADC \u0438 NetScaler Gateway.\n\nCitrix \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u043a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043d\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435.\u00a0\n\n3. \u0414\u0436\u043e\u043d\u0430\u0442\u0430\u043d \u041c\u044d\u043d\u043d\u0445\u0435\u043d \u043e\u0442\u044b\u0441\u043a\u0430\u043b \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 Erlang/OTP ZIP-\u043f\u0440\u043e\u0446\u0435\u0434\u0443\u0440, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0430\u0431\u0441\u043e\u043b\u044e\u0442\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0438\u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043b\u044e\u0431\u043e\u0439 \u043f\u0443\u0442\u044c \u043f\u043e \u0441\u0432\u043e\u0435\u043c\u0443 \u0443\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u0438\u044e.\n\n4. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 CrowdStrike \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043e\u0431\u0437\u043e\u0440 \u043d\u0430\u0441\u0442\u0443\u043f\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u043a\u0438, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0439 \u043a\u0430\u043a \u043e\u0431\u0445\u043e\u0434 AMSI \u0431\u0435\u0437 \u043f\u0430\u0442\u0447\u0435\u0439, \u0435\u0435 \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0433\u043e \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f.\n\n5. Cisco \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u0434\u0432\u0430 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0432\u043e\u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439.\n\n6. Atlassian \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430\u00a0\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u043f\u044f\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u044f\u0445 Bamboo, Bitbucket, Confluence, Crowd \u0438 Jira.\n\n\u041a \u043d\u0438\u043c \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f CVE-2025-22228 (\u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f \u0432 Spring), CVE-2025-24970 (DoS \u0432 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 Netty), CVE-2024-38816 (\u043e\u0431\u0445\u043e\u0434 \u043f\u0443\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0439 \u0441 \u0432\u0435\u0431-\u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430\u043c\u0438 WebMvc.fn \u0438 WebFlux.fn), CVE-2024-57699 (DoS \u0432 Netplex Json-smart) \u0438 CVE-2025-31650 (DoS \u0432 Apache Tomcat).\n\n7. Microsoft \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e \u043f\u043b\u0430\u043d\u0430\u0445 \u043f\u0435\u0440\u0438\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432 \u0438\u0437 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0426\u0435\u043d\u0442\u0440\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows \u0434\u043b\u044f \u0441\u043d\u0438\u0436\u0435\u043d\u0438\u044f \u0440\u0438\u0441\u043a\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u043e\u0441\u0442\u0438.\n\n8. GreyNoise \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u0432\u0441\u043f\u043b\u0435\u0441\u043a\u0435 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2023-28771 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9,8) \u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u0430\u0445 Zyxel, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0436\u0435 \u0434\u0432\u0430 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u0434\u043e\u0437\u0440\u0435\u0432\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u043c \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai.\n\n9. \u041d\u0435\u0434\u0430\u0432\u043d\u044f\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Langflow, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a CVE-2025-3248, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0432\u043e\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 \u0431\u043e\u0442\u043d\u0435\u0442 Flodrix, \u043e \u0447\u0435\u043c \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 Trend Micro.\n\n\u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Langflow, \u0430 \u0437\u0430\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043e\u0434\u0438\u043d \u0438\u0437 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 PoC, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0435 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0432 \u0440\u0430\u0437\u0432\u0435\u0434\u044b\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445.", "creation_timestamp": "2025-06-20T18:30:05.000000Z"}, {"uuid": "a1d440d4-d20f-4ef3-9218-b7a1abaf63c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5769", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/947", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-5769\n\ud83d\udd39 Description: The MIMO Woocommerce Order Tracking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to add, update, and delete shipper tracking settings.\n\ud83d\udccf Published: 2025-01-09T11:10:56.814Z\n\ud83d\udccf Modified: 2025-01-09T11:10:56.814Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/47c666b1-1ac2-4764-bbee-385ec321a580?source=cve\n2. https://plugins.trac.wordpress.org/browser/mimo-woocommerce-order-tracking/tags/1.0.2/mimo-woocommerce-order-tracking.php#L264\n3. https://plugins.trac.wordpress.org/browser/mimo-woocommerce-order-tracking/tags/1.0.2/mimo-woocommerce-order-tracking.php#L292\n4. https://plugins.trac.wordpress.org/browser/mimo-woocommerce-order-tracking/tags/1.0.2/mimo-woocommerce-order-tracking.php#L322\n5. https://plugins.trac.wordpress.org/browser/mimo-woocommerce-order-tracking/tags/1.0.2/mimo-woocommerce-order-tracking.php#L137", "creation_timestamp": "2025-01-09T12:16:38.000000Z"}, {"uuid": "1c4a2cba-bfbf-4af5-bd50-be5c6de381b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-57698", "type": "seen", "source": "https://t.me/cvedetector/24048", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57698 - Modernwms Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57698 \nPublished : April 29, 2025, 8:15 p.m. | 48\u00a0minutes ago \nDescription : An issue in modernwms v.1.0 allows an attacker view the MD5 hash of the administrator password and other attributes without authentication, even after initial configuration and password change. This happens due to excessive exposure of information and the lack of adequate access control on the /user/list?culture=en-us endpoint. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T23:31:41.000000Z"}]}