https://vulnerability.circl.lu/sightings/feed 2026-06-21T06:44:04.188125+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/a3392733-6433-41f5-b728-b01e53d44712/export 2026-06-21T06:44:04.370764+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "a3392733-6433-41f5-b728-b01e53d44712", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20061", "type": "seen", "source": "https://t.me/true_secator/6862", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043d\u0438\u043c\u0438 \u0443\u0433\u0440\u043e\u0437\u044b:\n\n1. \u041d\u0430\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0439 \u043a\u0430\u043a\u00a0DRAY:BREAK, \u0442\u0435\u043f\u0435\u0440\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u043c Mirai. \u041f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u043e\u0439 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b DrayTek Vigor.\n\n2. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 watchTowr \u0432\u044b\u044f\u0432\u0438\u043b\u0438\u00a0\u0442\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00a0\u0432 Kentico Xperience CMS, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0430\u0439\u0442\u043e\u0432.\n\n\u041e\u043d\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0434\u0432\u0430 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 RCE \u043f\u043e\u0441\u043b\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041f\u0430\u0442\u0447\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b, \u043d\u043e CVE \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0442.\n\n3. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440 \u0422\u0430\u043d \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0434\u0432\u0435\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 JavaScript XML-crypto, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u0438\u0441\u0442\u0435\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0433\u0434\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0445 XML-\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432.\n\nWorkOS \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 SAML \u0438 \u0432\u044b\u0434\u0430\u0447\u0438 \u0441\u0435\u0431\u044f \u0437\u0430 \u043b\u044e\u0431\u0443\u044e \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u0440\u0443\u0433\u0438\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 SAML, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443, \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b.\n\n4. \u0412 SIEM \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c Wazuh \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430\u00a0\u043e\u0448\u0438\u0431\u043a\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (CVE-2025-24016).\n\n5. 0-day \u0432 Windows \u044d\u043a\u0441\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0439 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u043e\u0441\u044c\u043c\u0438 \u043b\u0435\u0442.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0442\u044c \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u044b \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 \u0432 \u0444\u0430\u0439\u043b\u044b \u044f\u0440\u043b\u044b\u043a\u043e\u0432 LNK, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435\u0432\u0438\u0434\u0438\u043c\u044b \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 11 APT \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 \u043d\u0443\u043b\u044c \u0434\u043b\u044f \u0441\u043e\u043a\u0440\u044b\u0442\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0439 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 LNK. \n\nTrend Micro\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043f\u043e\u0447\u0442\u0438 1000 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 LNK, \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044e\u0449\u0438\u0445 \u044d\u0442\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u043a\u043e\u0439.\n\n\u041d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u0443\u0434\u0438\u0432\u043b\u044f\u0435\u0442 Microsoft, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043f\u043e\u0441\u043b\u0435 \u043e\u0442\u0447\u0435\u0442\u0430 Trend Micro \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430. \u0412\u0438\u0434\u0438\u043c\u043e, \u043d\u0435 \u0441\u043e\u0433\u043b\u0430\u0441\u043e\u0432\u0430\u043b\u0438 \u043a\u0443\u0440\u0430\u0442\u043e\u0440\u044b.\n\n6. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 WordPress \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u0432\u0441\u0435 \u043f\u0440\u043e\u0449\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c, \u043d\u0430 \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u0432\u044b\u0432\u043e\u0434\u044b \u0438\u0437\u00a0\u043e\u0442\u0447\u0435\u0442\u0430 Patchstack \u0437\u0430 2024 \u0433\u043e\u0434.\n\n43% \u0432\u0441\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 WordPress, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443, \u043d\u0435 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0430 \u043f\u043e\u0434\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0435 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u043b\u043e \u043f\u043b\u0430\u0433\u0438\u043d\u044b, \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044f \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044e, \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0432\u0448\u0443\u044e\u0441\u044f \u0432 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0433\u043e\u0434\u044b.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043e \u043b\u0438\u0448\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u043e \u0432\u0440\u0435\u043c\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0431\u044b\u043b\u043e \u043a\u043e\u0440\u043e\u0447\u0435, \u0447\u0435\u043c \u0432 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0433\u043e\u0434\u044b. \u041f\u043e \u0438\u0442\u043e\u0433\u0430\u043c \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043e \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u043b\u0443\u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u0441\u0430\u0439\u0442\u043e\u0432 WordPress.\n\n7. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 PRODAFT \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438\u00a0\u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 mySCADA myPRO, \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0441\u0431\u043e\u0440\u0430 \u0434\u0430\u043d\u043d\u044b\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0443\u044e \u0432 \u0441\u0440\u0435\u0434\u0430\u0445 OT, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438.\n\n\u041e\u0431\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421, \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043d\u0430 9,3 \u043f\u043e CVSS v4 \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-20014 \u0438 CVE-2025-20061.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043b\u044e\u0431\u043e\u0439 \u0438\u0437 \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 mySCADA PRO \u041c\u0435\u043d\u0435\u0434\u0436\u0435\u0440 1.3 \u0438 mySCADA PRO Runtime 9.2.1.", "creation_timestamp": "2025-03-20T18:30:07.000000Z"} 2025-03-20T18:30:07+00:00 https://vulnerability.circl.lu/sighting/f82a1544-ef74-4c78-add1-98d93ce4a613/export 2026-06-21T06:44:04.370661+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "f82a1544-ef74-4c78-add1-98d93ce4a613", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2006", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9537", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2006\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The Inline Image Upload for BBPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file uploading functionality in all versions up to, and including, 1.1.19. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. This may be exploitable by unauthenticated attackers when the \"Allow guest users without accounts to create topics and replies\" setting is enabled.\n\ud83d\udccf Published: 2025-03-29T07:03:31.321Z\n\ud83d\udccf Modified: 2025-03-29T07:03:31.321Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/df09af41-399a-4878-8420-721f1198d895?source=cve\n2. https://plugins.trac.wordpress.org/browser/image-upload-for-bbpress/tags/1.1.19/bbp-image-upload.php#L136", "creation_timestamp": "2025-03-29T07:28:42.000000Z"} 2025-03-29T07:28:42+00:00 https://vulnerability.circl.lu/sighting/d47a296c-8050-49f5-b780-213ad2096177/export 2026-06-21T06:44:04.370576+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "d47a296c-8050-49f5-b780-213ad2096177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2006", "type": "seen", "source": "Telegram/aF4xicIreuyE5yRRD33dmWV9qZXjTlaEQ3JU-sQx2NkHh1A", "content": "", "creation_timestamp": "2025-03-29T09:31:14.000000Z"} 2025-03-29T09:31:14+00:00 https://vulnerability.circl.lu/sighting/beb30cf7-10e7-44b7-afab-2c307541e07f/export 2026-06-21T06:44:04.370482+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "beb30cf7-10e7-44b7-afab-2c307541e07f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2006", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114245088656993111", "content": "", "creation_timestamp": "2025-03-29T09:48:30.111328Z"} 2025-03-29T09:48:30.111328+00:00 https://vulnerability.circl.lu/sighting/ce843823-e484-4368-a95a-c13d7f6e168d/export 2026-06-21T06:44:04.370386+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "ce843823-e484-4368-a95a-c13d7f6e168d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2006", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114245088656993111", "content": "", "creation_timestamp": "2025-03-29T09:48:30.112537Z"} 2025-03-29T09:48:30.112537+00:00 https://vulnerability.circl.lu/sighting/16f00415-e284-46d0-a58f-e898dd5b3c4f/export 2026-06-21T06:44:04.370275+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "16f00415-e284-46d0-a58f-e898dd5b3c4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2006", "type": "seen", "source": "https://t.me/cvedetector/21506", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2006 - \"BBPress Inline Image Upload Arbitrary File Upload Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2025-2006 \nPublished : March 29, 2025, 7:15 a.m. | 2\u00a0hours, 2\u00a0minutes ago \nDescription : The Inline Image Upload for BBPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file uploading functionality in all versions up to, and including, 1.1.19. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. This may be exploitable by unauthenticated attackers when the \"Allow guest users without accounts to create topics and replies\" setting is enabled. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"29 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-29T10:28:57.000000Z"} 2025-03-29T10:28:57+00:00 https://vulnerability.circl.lu/sighting/bfac7bb7-8135-47b1-8e00-cb666ba58e07/export 2026-06-21T06:44:04.370177+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "bfac7bb7-8135-47b1-8e00-cb666ba58e07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20063", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lr466veqvn2q", "content": "", "creation_timestamp": "2025-06-08T15:22:57.873288Z"} 2025-06-08T15:22:57.873288+00:00 https://vulnerability.circl.lu/sighting/8cdd8b7b-cadb-4766-af49-25586dda3eda/export 2026-06-21T06:44:04.370061+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "8cdd8b7b-cadb-4766-af49-25586dda3eda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20061", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-12T13:33:28.000000Z"} 2025-08-12T13:33:28+00:00 https://vulnerability.circl.lu/sighting/81450941-294e-4e70-b7f6-304884d76c4f/export 2026-06-21T06:44:04.369929+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "81450941-294e-4e70-b7f6-304884d76c4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20061", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-21T03:19:27.000000Z"} 2025-08-21T03:19:27+00:00 https://vulnerability.circl.lu/sighting/fe5c0aa7-90db-4be2-9be2-8874bac2922b/export 2026-06-21T06:44:04.368095+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "fe5c0aa7-90db-4be2-9be2-8874bac2922b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20060", "type": "seen", "source": "MISP/af1fbe07-e10c-40c4-844e-d4419bdf6f80", "content": "", "creation_timestamp": "2025-08-22T13:26:18.000000Z"} 2025-08-22T13:26:18+00:00