https://vulnerability.circl.lu/sightings/feed 2026-06-18T07:25:08.564335+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/9618553b-3ee9-453f-b114-b908b6d27469/export 2026-06-18T07:25:08.742842+00:00 Patrick Boulvin https://cvepremium.circl.lu/user/Belspo {"uuid": "9618553b-3ee9-453f-b114-b908b6d27469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "a40346b5-0a0c-4e58-879d-7656391613e4", "vulnerability": "CVE-2025-41229", "type": "seen", "source": "https://vulnerability.circl.lu/comment/da6e2e7d-cb96-4560-bf1a-27df4962776e", "content": "", "creation_timestamp": "2025-05-22T07:24:41.759993Z"} 2025-05-22T07:24:41.759993+00:00 https://vulnerability.circl.lu/sighting/8d0a9c8a-1042-4779-b7e7-c344343a1b5d/export 2026-06-18T07:25:08.742740+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "8d0a9c8a-1042-4779-b7e7-c344343a1b5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41225", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/1166", "content": "\u06a9\u0634\u0641 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a \u0645\u062c\u0627\u0632\u06cc VMware vCenter Server \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0639\u062f\u0645 \u0627\u0646\u062c\u0627\u0645 \u0627\u0642\u062f\u0627\u0645\u0627\u062a \u0644\u0627\u0632\u0645 \u0628\u0631\u0627\u06cc \u062e\u0646\u062b\u06cc\u200c\u0633\u0627\u0632\u06cc \u0639\u0646\u0627\u0635\u0631 \u0648\u06cc\u0698\u0647 \u0645\u0648\u0631\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u062f\u0631 \u0641\u0631\u0645\u0627\u0646 \u0633\u06cc\u0633\u062a\u0645\u200c\u0639\u0627\u0645\u0644 \n\n \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u062e\u0648\u062f \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\nCVE-2025-41225\n\n\u0646\u0635\u0628 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0645\u0639\u062a\u0628\u0631 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631\u06cc \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u0634\u0648\u0646\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0648 \u067e\u06cc\u0634\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0646\u0641\u0648\u0630 \u0628\u0631\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 (\u0634\u0646\u0627\u0633\u0627\u06cc\u06cc\u060c \u062b\u0628\u062a) \u0648 \u067e\u0627\u0633\u062e \u0628\u0647 \u062a\u0644\u0627\u0634\u200c\u0647\u0627 \u0628\u0631\u0627\u06cc \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc SIEM \u0628\u0631\u0627\u06cc \u0631\u062f\u06cc\u0627\u0628\u06cc \u062a\u0644\u0627\u0634\u200c\u0647\u0627 \u0628\u0631\u0627\u06cc \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u061b\n- \u0628\u0647 \u062d\u062f\u0627\u0642\u0644 \u0631\u0633\u0627\u0646\u062f\u0646 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u06a9\u0627\u0631\u0628\u0631\u061b\n- \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u0646/\u062d\u0630\u0641 \u062d\u0633\u0627\u0628\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u06cc \u0628\u0644\u0627\u0627\u0633\u062a\u0641\u0627\u062f\u0647.\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647\u200c\u0647\u0627:\nhttps://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR", "creation_timestamp": "2025-05-23T17:36:52.000000Z"} 2025-05-23T17:36:52+00:00 https://vulnerability.circl.lu/sighting/b8d2bdf3-60db-42e1-9eb3-a826680e6bba/export 2026-06-18T07:25:08.742635+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "b8d2bdf3-60db-42e1-9eb3-a826680e6bba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41228", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19317", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-41228\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation.\u00a0A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites.\n\ud83d\udccf Published: 2025-05-20T14:24:34.436Z\n\ud83d\udccf Modified: 2025-06-24T07:14:21.027Z\n\ud83d\udd17 References:\n1. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717", "creation_timestamp": "2025-06-24T07:50:00.000000Z"} 2025-06-24T07:50:00+00:00 https://vulnerability.circl.lu/sighting/8fb9755a-2304-43e4-8fc7-c1b4198c0457/export 2026-06-18T07:25:08.742452+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "8fb9755a-2304-43e4-8fc7-c1b4198c0457", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41227", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19318", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-41227\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: VMware ESXi,\u00a0Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options.\u00a0A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition.\n\ud83d\udccf Published: 2025-05-20T14:24:29.316Z\n\ud83d\udccf Modified: 2025-06-24T07:13:30.222Z\n\ud83d\udd17 References:\n1. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717", "creation_timestamp": "2025-06-24T07:50:01.000000Z"} 2025-06-24T07:50:01+00:00 https://vulnerability.circl.lu/sighting/ae1a58a8-bd02-4300-bbd6-63b09bc9cfa5/export 2026-06-18T07:25:08.742266+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "ae1a58a8-bd02-4300-bbd6-63b09bc9cfa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41225", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19319", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-41225\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: The vCenter Server contains an authenticated command-execution vulnerability.\u00a0A malicious actor with privileges to create or modify alarms and run script action may exploit this issue to run arbitrary commands on the vCenter Server.\n\ud83d\udccf Published: 2025-05-20T14:24:17.487Z\n\ud83d\udccf Modified: 2025-06-24T07:11:20.683Z\n\ud83d\udd17 References:\n1. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717", "creation_timestamp": "2025-06-24T07:50:02.000000Z"} 2025-06-24T07:50:02+00:00 https://vulnerability.circl.lu/sighting/92c12d80-1d0d-4194-a340-3f045bb8c931/export 2026-06-18T07:25:08.742073+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "92c12d80-1d0d-4194-a340-3f045bb8c931", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41222", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lthfz5udbp2s", "content": "", "creation_timestamp": "2025-07-08T13:32:35.818754Z"} 2025-07-08T13:32:35.818754+00:00 https://vulnerability.circl.lu/sighting/5ddebe34-2e5b-4e4c-b3a0-51547ba0d8f8/export 2026-06-18T07:25:08.741887+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "5ddebe34-2e5b-4e4c-b3a0-51547ba0d8f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41228", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwa7hpxnv72a", "content": "", "creation_timestamp": "2025-08-12T21:02:31.674052Z"} 2025-08-12T21:02:31.674052+00:00 https://vulnerability.circl.lu/sighting/54b7945c-411f-42b2-942d-49d8b423dc81/export 2026-06-18T07:25:08.741673+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "54b7945c-411f-42b2-942d-49d8b423dc81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41224", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-294-04", "content": "", "creation_timestamp": "2025-10-21T10:00:00.000000Z"} 2025-10-21T10:00:00+00:00 https://vulnerability.circl.lu/sighting/99785ec9-47ee-4ed6-8dfc-377672de2ec7/export 2026-06-18T07:25:08.741405+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "99785ec9-47ee-4ed6-8dfc-377672de2ec7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41223", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-294-04", "content": "", "creation_timestamp": "2025-10-21T10:00:00.000000Z"} 2025-10-21T10:00:00+00:00 https://vulnerability.circl.lu/sighting/90b120c2-5567-4ab9-858b-7e4873ce56de/export 2026-06-18T07:25:08.738910+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "90b120c2-5567-4ab9-858b-7e4873ce56de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-41222", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-294-04", "content": "", "creation_timestamp": "2025-10-21T10:00:00.000000Z"} 2025-10-21T10:00:00+00:00