Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-06T08:25:25.066634+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/ef591bbd-1a01-436f-868a-84be2e4ae6b8/export ef591bbd-1a01-436f-868a-84be2e4ae6b8 2026-06-06T08:25:25.257497+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "ef591bbd-1a01-436f-868a-84be2e4ae6b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28132", "type": "seen", "source": "https://t.me/cvedetector/21777", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-28132 - Nagios Network Analyzer Session Reuse Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-28132 \nPublished : April 1, 2025, 5:15 p.m. | 15\u00a0minutes ago \nDescription : A session management flaw in Nagios Network Analyzer 2024R1.0.3 allows an attacker to reuse session tokens even after a user logs out, leading to unauthorized access and account takeover. This occurs due to insufficient session expiration, where session tokens remain valid beyond logout, allowing an attacker to impersonate users and perform actions on their behalf. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"01 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T19:44:18.000000Z"} 2025-04-01T19:44:18+00:00 https://vulnerability.circl.lu/sighting/61bfea58-87ec-451d-8999-83df3374ad8a/export 61bfea58-87ec-451d-8999-83df3374ad8a 2026-06-06T08:25:25.257420+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "61bfea58-87ec-451d-8999-83df3374ad8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28132", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10021", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-28132\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A session management flaw in Nagios Network Analyzer 2024R1.0.3 allows an attacker to reuse session tokens even after a user logs out, leading to unauthorized access and account takeover. This occurs due to insufficient session expiration, where session tokens remain valid beyond logout, allowing an attacker to impersonate users and perform actions on their behalf.\n\ud83d\udccf Published: 2025-04-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-01T19:49:32.374Z\n\ud83d\udd17 References:\n1. https://www.nagios.com/changelog/#network-analyzer\n2. https://github.com/harshal79/Insufficient-Session-Expiration.git", "creation_timestamp": "2025-04-01T20:33:48.000000Z"} 2025-04-01T20:33:48+00:00 https://vulnerability.circl.lu/sighting/b5c6a1d5-428c-4400-bca6-c36db8100421/export b5c6a1d5-428c-4400-bca6-c36db8100421 2026-06-06T08:25:25.257350+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "b5c6a1d5-428c-4400-bca6-c36db8100421", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28137", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmujasss7m2g", "content": "", "creation_timestamp": "2025-04-15T16:38:50.839474Z"} 2025-04-15T16:38:50.839474+00:00 https://vulnerability.circl.lu/sighting/9c2e0aa2-d5f9-4565-9ddd-ca59b06fce77/export 9c2e0aa2-d5f9-4565-9ddd-ca59b06fce77 2026-06-06T08:25:25.257259+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "9c2e0aa2-d5f9-4565-9ddd-ca59b06fce77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28136", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmujatgh4m2g", "content": "", "creation_timestamp": "2025-04-15T16:38:53.423882Z"} 2025-04-15T16:38:53.423882+00:00 https://vulnerability.circl.lu/sighting/7264313f-3071-42cf-9322-39a6545fff61/export 7264313f-3071-42cf-9322-39a6545fff61 2026-06-06T08:25:25.257122+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "7264313f-3071-42cf-9322-39a6545fff61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28137", "type": "seen", "source": "https://t.me/cvedetector/22954", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-28137 - TOTOLINK A810R Remote Command Execution Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-28137 \nPublished : April 15, 2025, 2:15 p.m. | 54\u00a0minutes ago \nDescription : The TOTOLINK A810R V4.1.2cu.5182_B20201026 were found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"15 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-15T17:26:32.000000Z"} 2025-04-15T17:26:32+00:00 https://vulnerability.circl.lu/sighting/c4573fb7-dce1-4901-afcf-3d8f63ad4188/export c4573fb7-dce1-4901-afcf-3d8f63ad4188 2026-06-06T08:25:25.256955+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "c4573fb7-dce1-4901-afcf-3d8f63ad4188", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28136", "type": "seen", "source": "https://t.me/cvedetector/22953", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-28136 - TOTOLINK A800R Buffer Overflow Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-28136 \nPublished : April 15, 2025, 2:15 p.m. | 54\u00a0minutes ago \nDescription : TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in the downloadFile.cgi. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"15 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-15T17:26:32.000000Z"} 2025-04-15T17:26:32+00:00 https://vulnerability.circl.lu/sighting/5dc520e5-c058-4c83-94e7-d85654d4210e/export 5dc520e5-c058-4c83-94e7-d85654d4210e 2026-06-06T08:25:25.256803+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "5dc520e5-c058-4c83-94e7-d85654d4210e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28137", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114343941659414629", "content": "", "creation_timestamp": "2025-04-15T20:48:10.370305Z"} 2025-04-15T20:48:10.370305+00:00 https://vulnerability.circl.lu/sighting/08bef4cd-1aab-4a92-a567-69fc930b8f59/export 08bef4cd-1aab-4a92-a567-69fc930b8f59 2026-06-06T08:25:25.256625+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "08bef4cd-1aab-4a92-a567-69fc930b8f59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2813", "type": "seen", "source": "https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3lp2at6pkyms2", "content": "", "creation_timestamp": "2025-05-13T10:15:28.777453Z"} 2025-05-13T10:15:28.777453+00:00 https://vulnerability.circl.lu/sighting/82cf2ffc-bf6b-4300-a543-ad7b68fc9b74/export 82cf2ffc-bf6b-4300-a543-ad7b68fc9b74 2026-06-06T08:25:25.256395+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "82cf2ffc-bf6b-4300-a543-ad7b68fc9b74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28137", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lunw56253h23", "content": "", "creation_timestamp": "2025-07-23T21:02:30.015495Z"} 2025-07-23T21:02:30.015495+00:00 https://vulnerability.circl.lu/sighting/ecd74c81-d5df-4f7a-b04d-d415cc27d1a2/export ecd74c81-d5df-4f7a-b04d-d415cc27d1a2 2026-06-06T08:25:25.254093+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "ecd74c81-d5df-4f7a-b04d-d415cc27d1a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2813", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lvbbcid3t22l", "content": "", "creation_timestamp": "2025-07-31T13:42:44.897851Z"} 2025-07-31T13:42:44.897851+00:00