https://vulnerability.circl.lu/sightings/feed 2026-06-22T21:40:57.638568+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/8c7351fc-42cb-4c72-bc9b-b4398d9d9bd2/export 2026-06-22T21:40:57.995438+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "8c7351fc-42cb-4c72-bc9b-b4398d9d9bd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25765", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/3436", "content": "\u200b\u200bCVE-2022-25765 \n\npdfkit Exploit Reverse Shell\n\npdfkit <0.8.6 command injection shell. The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. (Tested on ver 0.8.6) - CVE-2022-25765\n\nhttps://github.com/CyberArchitect1/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell\n\n\u200b\u200bCVE-2022-45025\n\nCommand injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)\n\nhttps://github.com/yuriisanin/CVE-2022-45025\n\n\u200b\u200bCVE-2022-36537\n\nZK Framework - Exposure of Sensitive Information to an Unauthorized Actor\n\nhttps://github.com/agnihackers/CVE-2022-36537-EXPLOIT\n\n\u200b\u200bCVE-2022-39066\n\nSQL Injection Vulnerability in ZTE MF286R\n\nhttps://github.com/v0lp3/CVE-2022-39066\n\n\u200b\u200bCVE-2022-46381\n\nYou can scan this vulnerability on your company's subdomains using the nuclei scanner with the template specified in this repo \"CVE-2022-46381.yaml\"\n\nhttps://github.com/omarhashem123/Security-Research/tree/main/CVE-2022-46381\n\n\u200b\u200bCVE-2022-45771 - Pwndoc LFI to RCE\n\nPwndoc local file inclusion to remote code execution of Node.js code on the server.\n\nhttps://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE\n\n\u200b\u200bCVE-2022-46169\n\nCacti remote_agent.php Unauthenticated Command Injection.\n\nhttps://github.com/0xf4n9x/CVE-2022-46169\n\n\u200b\u200bCVE-2022-45451\n\nPoC for CVE-2022-45451 Acronis Arbitrary File Read\n\nhttps://github.com/alfarom256/CVE-2022-45451\n\nCVE-2022-28672\n\nThis bug was Use after Free caused by improper handling of javascript object memory references.\n\nhttps://github.com/hacksysteam/CVE-2022-28672\n\nUse after Free - RCE Exploit: https://hacksys.io/blogs/foxit-reader-uaf-rce-jit-spraying-cve-2022-28672\n\n\u200b\u200bCVE-2003-0358\n\nBuffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges > via a long -s command line option.\n\nhttps://github.com/snowcra5h/CVE-2003-0358\n\n\u200b\u200bCVE-2022-39253\n\nDocker host file read\n\nhttps://github.com/ssst0n3/docker-cve-2022-39253-poc\n\n\u200b\u200bCVE-2022-48870\n\nmaccms admin+ xss attacks\n\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n\u200b\u200bCVE-2022-2602\n\nPoC Kernel Privilege Escalation Linux\n\nhttps://github.com/kiks7/CVE-2022-2602-Kernel-Exploit\n\n\u200b\u200bEvilWfshbr\n\nCVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation\n\nhttps://github.com/kkent030315/CVE-2022-42046\n\n\u200b\u200bCVE-2022-2602\n\nThis repository contains exploits for CVE-2022-2602. There are two versions of it:\n\n\u25ab\ufe0f Exploit using userfaultfd technique.\n\u25ab\ufe0f Exploit using inode locking technique.\n\nhttps://github.com/LukeGix/CVE-2022-2602\n\n#cve #poc \n@pfkgit", "creation_timestamp": "2023-01-28T19:14:38.000000Z"} 2023-01-28T19:14:38+00:00 https://vulnerability.circl.lu/sighting/faa2c816-a451-4012-9b11-4fe050facea2/export 2026-06-22T21:40:57.995372+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "faa2c816-a451-4012-9b11-4fe050facea2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25765", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7652", "content": "#exploit\n1. CVE-2022-44900:\nDirectory traversal vulnerability in SevenZipFile.extractall() function\nhttps://github.com/0xless/CVE-2022-44900-demo-lab\n\n2. CVE-2022-25765:\nPDFkit CMD Injection\nhttps://github.com/nikn0laty/PDFkit-CMD-Injection-CVE-2022-25765", "creation_timestamp": "2023-01-30T12:34:25.000000Z"} 2023-01-30T12:34:25+00:00 https://vulnerability.circl.lu/sighting/c0d7558d-56b5-44a6-a16d-93a223488a74/export 2026-06-22T21:40:57.995307+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "c0d7558d-56b5-44a6-a16d-93a223488a74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25765", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/1287", "content": "\u200b\u200bCVE-2022-25765\n\nExploit for CVE-2022-25765 command injection in pdfkit < 0.8.6\n\nhttps://github.com/nikn0laty/PDFkit-CMD-Injection-CVE-2022-25765\n\n#cve #poc #exploit", "creation_timestamp": "2023-01-30T22:53:50.000000Z"} 2023-01-30T22:53:50+00:00 https://vulnerability.circl.lu/sighting/fefb9a81-902d-4895-8c1c-a3a3c870e40c/export 2026-06-22T21:40:57.995243+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "fefb9a81-902d-4895-8c1c-a3a3c870e40c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25765", "type": "seen", "source": "https://t.me/proxy_bar/1347", "content": "CVE-2022-25765 - PDFkit-CMD-Injection\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0434\u044b\u0440\u043a\u0438 \u0442\u0443\u0442\nexploit\n\n#exploit", "creation_timestamp": "2023-01-31T05:59:59.000000Z"} 2023-01-31T05:59:59+00:00 https://vulnerability.circl.lu/sighting/ecb933a4-dfd1-480d-8b85-f815c793c460/export 2026-06-22T21:40:57.995174+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "ecb933a4-dfd1-480d-8b85-f815c793c460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25765", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2497", "content": "Exploit for CVE-2022-25765 command injection in pdfkit < 0.8.6\n\ndownload: https://system32.ink/news-feed/p/209/", "creation_timestamp": "2023-02-02T11:57:40.000000Z"} 2023-02-02T11:57:40+00:00 https://vulnerability.circl.lu/sighting/2407c927-0628-4ff9-a226-44ed9f0cfd3b/export 2026-06-22T21:40:57.995107+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "2407c927-0628-4ff9-a226-44ed9f0cfd3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25765", "type": "published-proof-of-concept", "source": "Telegram/Jlnijv-_qCNdG8pk9ZaWqsDMPV8FiAY7bukyinbc-jdofzA", "content": "", "creation_timestamp": "2023-03-14T10:12:05.000000Z"} 2023-03-14T10:12:05+00:00 https://vulnerability.circl.lu/sighting/9ff000c3-9289-4132-bac8-590d5afc9486/export 2026-06-22T21:40:57.995032+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "9ff000c3-9289-4132-bac8-590d5afc9486", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25765", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4604", "content": "PDFkit CMD-Injection (CVE-2022-25765)\n\nExploit\n\n#CVE #POC #Exploit \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:25:57.000000Z"} 2023-05-20T00:25:57+00:00 https://vulnerability.circl.lu/sighting/44466181-93f4-4202-8f97-6f5bbfa0fcd9/export 2026-06-22T21:40:57.994956+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "44466181-93f4-4202-8f97-6f5bbfa0fcd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25765", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/680", "content": "cve-2022-25765\n\nGET /?name=%20ls\n\n#poc", "creation_timestamp": "2023-07-02T13:30:24.000000Z"} 2023-07-02T13:30:24+00:00 https://vulnerability.circl.lu/sighting/83a92042-9b2a-4e13-be7d-d42cbdf9bb47/export 2026-06-22T21:40:57.994853+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "83a92042-9b2a-4e13-be7d-d42cbdf9bb47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25765", "type": "seen", "source": "https://t.me/GithubRedTeam/86709", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #Exploit #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2022-25765-exploit\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Jeanback1\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-31 16:05:58\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u65e0\u63cf\u8ff0\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-31T16:06:40.000000Z"} 2026-05-31T16:06:40+00:00 https://vulnerability.circl.lu/sighting/0fd66021-7ea2-4c71-bc79-5d4e484fea36/export 2026-06-22T21:40:57.993183+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "0fd66021-7ea2-4c71-bc79-5d4e484fea36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25765", "type": "seen", "source": "Telegram/ZoY6dRqoyhlR4mBfSRB4aFzKbPGG5Dw602ZRl8-Iopy1ppw", "content": "", "creation_timestamp": "2026-05-31T19:00:11.000000Z"} 2026-05-31T19:00:11+00:00