https://vulnerability.circl.lu/sightings/feed 2026-06-20T18:02:27.180907+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/85ec7106-d43c-4d7c-b86b-48d4a36a4020/export 2026-06-20T18:02:27.358786+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "85ec7106-d43c-4d7c-b86b-48d4a36a4020", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49177", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3lrsqyj6u4x2v", "content": "", "creation_timestamp": "2025-06-17T14:57:59.124563Z"} 2025-06-17T14:57:59.124563+00:00 https://vulnerability.circl.lu/sighting/9d7e9b84-5fe1-4281-8afb-1dd3c2680da3/export 2026-06-20T18:02:27.358690+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "9d7e9b84-5fe1-4281-8afb-1dd3c2680da3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49176", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q2/266", "content": "", "creation_timestamp": "2025-06-18T14:10:54.000000Z"} 2025-06-18T14:10:54+00:00 https://vulnerability.circl.lu/sighting/6404c531-9565-4694-90c3-d94b905f1873/export 2026-06-20T18:02:27.358585+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "6404c531-9565-4694-90c3-d94b905f1873", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49179", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19182", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49179\n\ud83d\udd25 CVSS Score: 6.6 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H)\n\ud83d\udd39 Description: A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.\n\ud83d\udccf Published: 2025-06-17T14:54:49.288Z\n\ud83d\udccf Modified: 2025-06-23T06:34:29.129Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2025:9303\n2. https://access.redhat.com/errata/RHSA-2025:9304\n3. https://access.redhat.com/errata/RHSA-2025:9305\n4. https://access.redhat.com/errata/RHSA-2025:9306\n5. https://access.redhat.com/security/cve/CVE-2025-49179\n6. https://bugzilla.redhat.com/show_bug.cgi?id=2369978", "creation_timestamp": "2025-06-23T06:45:51.000000Z"} 2025-06-23T06:45:51+00:00 https://vulnerability.circl.lu/sighting/b038cd8c-a07c-4674-93f5-8b387ebe66c5/export 2026-06-20T18:02:27.358477+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "b038cd8c-a07c-4674-93f5-8b387ebe66c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49178", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19183", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49178\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service.\n\ud83d\udccf Published: 2025-06-17T14:54:42.646Z\n\ud83d\udccf Modified: 2025-06-23T06:33:59.973Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2025:9303\n2. https://access.redhat.com/errata/RHSA-2025:9304\n3. https://access.redhat.com/errata/RHSA-2025:9305\n4. https://access.redhat.com/errata/RHSA-2025:9306\n5. https://access.redhat.com/security/cve/CVE-2025-49178\n6. https://bugzilla.redhat.com/show_bug.cgi?id=2369977", "creation_timestamp": "2025-06-23T06:45:53.000000Z"} 2025-06-23T06:45:53+00:00 https://vulnerability.circl.lu/sighting/a8ca73bd-03c3-4eff-b6a6-672c98065229/export 2026-06-20T18:02:27.358368+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "a8ca73bd-03c3-4eff-b6a6-672c98065229", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49176", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19184", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49176\n\ud83d\udd25 CVSS Score: 6.6 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H)\n\ud83d\udd39 Description: A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check.\n\ud83d\udccf Published: 2025-06-17T14:49:49.143Z\n\ud83d\udccf Modified: 2025-06-23T06:33:35.083Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2025:9303\n2. https://access.redhat.com/errata/RHSA-2025:9304\n3. https://access.redhat.com/errata/RHSA-2025:9305\n4. https://access.redhat.com/errata/RHSA-2025:9306\n5. https://access.redhat.com/security/cve/CVE-2025-49176\n6. https://bugzilla.redhat.com/show_bug.cgi?id=2369954", "creation_timestamp": "2025-06-23T06:45:54.000000Z"} 2025-06-23T06:45:54+00:00 https://vulnerability.circl.lu/sighting/2e50b7c8-d451-4a4f-805e-a522f1a0dfe0/export 2026-06-20T18:02:27.358253+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "2e50b7c8-d451-4a4f-805e-a522f1a0dfe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49175", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19185", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49175\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash.\n\ud83d\udccf Published: 2025-06-17T14:39:39.428Z\n\ud83d\udccf Modified: 2025-06-23T06:33:16.764Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2025:9303\n2. https://access.redhat.com/errata/RHSA-2025:9304\n3. https://access.redhat.com/errata/RHSA-2025:9305\n4. https://access.redhat.com/errata/RHSA-2025:9306\n5. https://access.redhat.com/security/cve/CVE-2025-49175\n6. https://bugzilla.redhat.com/show_bug.cgi?id=2369947", "creation_timestamp": "2025-06-23T06:45:55.000000Z"} 2025-06-23T06:45:55+00:00 https://vulnerability.circl.lu/sighting/ba720104-8cf0-4984-8808-7d603ae9849a/export 2026-06-20T18:02:27.358133+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "ba720104-8cf0-4984-8808-7d603ae9849a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49177", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19321", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49177\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests.\n\ud83d\udccf Published: 2025-06-17T14:49:49.199Z\n\ud83d\udccf Modified: 2025-06-24T08:30:11.291Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2025:9304\n2. https://access.redhat.com/security/cve/CVE-2025-49177\n3. https://bugzilla.redhat.com/show_bug.cgi?id=2369955", "creation_timestamp": "2025-06-24T08:50:36.000000Z"} 2025-06-24T08:50:36+00:00 https://vulnerability.circl.lu/sighting/9b118916-22d5-4060-b9fd-3db0b42f4930/export 2026-06-20T18:02:27.358023+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "9b118916-22d5-4060-b9fd-3db0b42f4930", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49176", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3ltcm4xf7ws27", "content": "", "creation_timestamp": "2025-07-06T15:38:50.615777Z"} 2025-07-06T15:38:50.615777+00:00 https://vulnerability.circl.lu/sighting/c56ded41-0214-4f0e-b594-90683c284629/export 2026-06-20T18:02:27.357876+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "c56ded41-0214-4f0e-b594-90683c284629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49175", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lus7tfng4s2f", "content": "", "creation_timestamp": "2025-07-25T14:06:31.272625Z"} 2025-07-25T14:06:31.272625+00:00 https://vulnerability.circl.lu/sighting/ec3c31c1-5411-4ef9-850f-9c7fb7430f0d/export 2026-06-20T18:02:27.339048+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "ec3c31c1-5411-4ef9-850f-9c7fb7430f0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49173", "type": "published-proof-of-concept", "source": "Telegram/b0MrL-7YyNVMwlRE8cQmf3aSFWZZuNk0ErN3GEJH-SnDaRk", "content": "", "creation_timestamp": "2025-12-10T09:00:05.000000Z"} 2025-12-10T09:00:05+00:00