Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-23T19:14:11.708096+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/fca4a147-3db6-4eef-a476-a5254e16ea1a/export fca4a147-3db6-4eef-a476-a5254e16ea1a 2026-06-23T19:14:11.730655+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "fca4a147-3db6-4eef-a476-a5254e16ea1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22311", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2393", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22311\n\ud83d\udd39 Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Private Messages for UserPro. This issue affects Private Messages for UserPro: from n/a through 4.10.0.\n\ud83d\udccf Published: 2025-01-21T13:40:34.218Z\n\ud83d\udccf Modified: 2025-01-21T13:40:34.218Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/userpro-messaging/vulnerability/wordpress-private-messages-for-userpro-plugin-4-10-0-local-file-inclusion-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-21T14:01:42.000000Z"} 2025-01-21T14:01:42+00:00 https://vulnerability.circl.lu/sighting/f7e4f78f-82e0-45f8-bc96-595cfcbc78c9/export f7e4f78f-82e0-45f8-bc96-595cfcbc78c9 2026-06-23T19:14:11.730561+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "f7e4f78f-82e0-45f8-bc96-595cfcbc78c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22311", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgb24s6b6j2r", "content": "", "creation_timestamp": "2025-01-21T14:16:23.319868Z"} 2025-01-21T14:16:23.319868+00:00 https://vulnerability.circl.lu/sighting/d7e65475-ac38-4fe7-a278-db5d2ef83bd9/export d7e65475-ac38-4fe7-a278-db5d2ef83bd9 2026-06-23T19:14:11.730462+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "d7e65475-ac38-4fe7-a278-db5d2ef83bd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22318", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgb24ufyq62j", "content": "", "creation_timestamp": "2025-01-21T14:16:25.462580Z"} 2025-01-21T14:16:25.462580+00:00 https://vulnerability.circl.lu/sighting/8c25e5f4-bbdf-4663-8614-49cac93741a1/export 8c25e5f4-bbdf-4663-8614-49cac93741a1 2026-06-23T19:14:11.730370+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "8c25e5f4-bbdf-4663-8614-49cac93741a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22311", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866820118163627", "content": "", "creation_timestamp": "2025-01-21T14:29:49.938831Z"} 2025-01-21T14:29:49.938831+00:00 https://vulnerability.circl.lu/sighting/31218120-07f8-4d4c-b04b-e9097e2480a2/export 31218120-07f8-4d4c-b04b-e9097e2480a2 2026-06-23T19:14:11.730272+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "31218120-07f8-4d4c-b04b-e9097e2480a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22318", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866820132800743", "content": "", "creation_timestamp": "2025-01-21T14:29:50.158830Z"} 2025-01-21T14:29:50.158830+00:00 https://vulnerability.circl.lu/sighting/7df703a6-8301-4275-8aa9-fe30b1bdd47f/export 7df703a6-8301-4275-8aa9-fe30b1bdd47f 2026-06-23T19:14:11.730165+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "7df703a6-8301-4275-8aa9-fe30b1bdd47f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22318", "type": "seen", "source": "https://t.me/cvedetector/15968", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-22318 - Eniture Technology Standard Box Sizes WooCommerce Missing Authorization Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-22318 \nPublished : Jan. 21, 2025, 2:15 p.m. | 42\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Eniture Technology Standard Box Sizes \u2013 for WooCommerce. This issue affects Standard Box Sizes \u2013 for WooCommerce: from n/a through 1.6.13. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T16:08:07.000000Z"} 2025-01-21T16:08:07+00:00 https://vulnerability.circl.lu/sighting/a450072a-e466-4ab6-9d26-cd173de70f6d/export a450072a-e466-4ab6-9d26-cd173de70f6d 2026-06-23T19:14:11.730065+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "a450072a-e466-4ab6-9d26-cd173de70f6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-129/", "content": "", "creation_timestamp": "2025-03-12T04:00:00.000000Z"} 2025-03-12T04:00:00+00:00 https://vulnerability.circl.lu/sighting/d19d1bb9-9148-4c37-a50f-ca7f4fd5d830/export d19d1bb9-9148-4c37-a50f-ca7f4fd5d830 2026-06-23T19:14:11.729946+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "d19d1bb9-9148-4c37-a50f-ca7f4fd5d830", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8525", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2231\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_0, Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of RTF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25473.\n\ud83d\udccf Published: 2025-03-24T19:45:42.198Z\n\ud83d\udccf Modified: 2025-03-24T20:05:31.236Z\n\ud83d\udd17 References:\n1. https://www.zerodayinitiative.com/advisories/ZDI-25-129/\n2. https://www.pdf-xchange.com/support/security-bulletins.html", "creation_timestamp": "2025-03-24T20:23:40.000000Z"} 2025-03-24T20:23:40+00:00 https://vulnerability.circl.lu/sighting/80c35471-7376-4368-931f-0a92d371e78a/export 80c35471-7376-4368-931f-0a92d371e78a 2026-06-23T19:14:11.729799+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "80c35471-7376-4368-931f-0a92d371e78a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "seen", "source": "https://t.me/cvedetector/20992", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2231 - PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2231 \nPublished : March 24, 2025, 8:15 p.m. | 1\u00a0hour, 6\u00a0minutes ago \nDescription : PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. \n \nThe specific flaw exists within the parsing of RTF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25473. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T22:35:04.000000Z"} 2025-03-24T22:35:04+00:00 https://vulnerability.circl.lu/sighting/f5dabbec-b133-4bd6-a526-4995bca0535f/export f5dabbec-b133-4bd6-a526-4995bca0535f 2026-06-23T19:14:11.728267+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "f5dabbec-b133-4bd6-a526-4995bca0535f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll5t67fkg52m", "content": "", "creation_timestamp": "2025-03-24T22:39:55.082808Z"} 2025-03-24T22:39:55.082808+00:00