<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-14T05:06:02.590384+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2991c9cf-bb52-4f79-a5ef-2e8d5568da4a/export</id>
    <title>2991c9cf-bb52-4f79-a5ef-2e8d5568da4a</title>
    <updated>2026-07-14T05:06:02.618200+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2991c9cf-bb52-4f79-a5ef-2e8d5568da4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-6388", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mkmaeeb6fz2q", "content": "", "creation_timestamp": "2026-04-29T04:14:15.277523Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2991c9cf-bb52-4f79-a5ef-2e8d5568da4a/export"/>
    <published>2026-04-29T04:14:15.277523+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6fd8c5e5-a27a-4ba3-b9e0-1bf325048b2f/export</id>
    <title>6fd8c5e5-a27a-4ba3-b9e0-1bf325048b2f</title>
    <updated>2026-07-14T05:06:02.620673+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6fd8c5e5-a27a-4ba3-b9e0-1bf325048b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-63888", "type": "published-proof-of-concept", "source": "Telegram/tKAkyByJyf-3fTR3FIdOGi_BkQgInDQD9nvMF722k6zIU-s", "content": "", "creation_timestamp": "2025-11-21T03:00:06.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6fd8c5e5-a27a-4ba3-b9e0-1bf325048b2f/export"/>
    <published>2025-11-21T03:00:06+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/07f3fbcb-2a3d-4f48-9644-6b2e71b804b9/export</id>
    <title>07f3fbcb-2a3d-4f48-9644-6b2e71b804b9</title>
    <updated>2026-07-14T05:06:02.620805+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "07f3fbcb-2a3d-4f48-9644-6b2e71b804b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-63888", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/60331", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aSecurity research tool for detecting and testing CVE-2025-63888 (ThinkPHP 5.0.24 File Inclusion RCE vulnerability)\nURL\uff1ahttps://github.com/AN5I/cve-2025-63888-exploit\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-11-21T00:26:48.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/07f3fbcb-2a3d-4f48-9644-6b2e71b804b9/export"/>
    <published>2025-11-21T00:26:48+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6487f204-42f0-4ed8-93e4-18348231b003/export</id>
    <title>6487f204-42f0-4ed8-93e4-18348231b003</title>
    <updated>2026-07-14T05:06:02.620921+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6487f204-42f0-4ed8-93e4-18348231b003", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-63889", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m63jziszqn2q", "content": "", "creation_timestamp": "2025-11-20T19:49:33.328089Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6487f204-42f0-4ed8-93e4-18348231b003/export"/>
    <published>2025-11-20T19:49:33.328089+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/19883f49-0363-463c-a3a3-3e534e687bb1/export</id>
    <title>19883f49-0363-463c-a3a3-3e534e687bb1</title>
    <updated>2026-07-14T05:06:02.621023+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "19883f49-0363-463c-a3a3-3e534e687bb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-63888", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m63jiuuwkp2w", "content": "", "creation_timestamp": "2025-11-20T19:40:15.512135Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/19883f49-0363-463c-a3a3-3e534e687bb1/export"/>
    <published>2025-11-20T19:40:15.512135+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/94bb2567-c716-4653-9c83-59220f33905f/export</id>
    <title>94bb2567-c716-4653-9c83-59220f33905f</title>
    <updated>2026-07-14T05:06:02.621118+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "94bb2567-c716-4653-9c83-59220f33905f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-63883", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5wazsgskm2s", "content": "", "creation_timestamp": "2025-11-18T17:25:20.855494Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/94bb2567-c716-4653-9c83-59220f33905f/export"/>
    <published>2025-11-18T17:25:20.855494+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5a9652fa-c0f4-4361-b09a-9b49db25c863/export</id>
    <title>5a9652fa-c0f4-4361-b09a-9b49db25c863</title>
    <updated>2026-07-14T05:06:02.621209+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5a9652fa-c0f4-4361-b09a-9b49db25c863", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-6388", "type": "seen", "source": "https://t.me/bhhub/1167", "content": "Top exploited vulns of the Week\n\nThis week\u2019s Vulnerability Trend shows a mix of big-platform remote RCEs (Oracle EBS, DrayTek), high-impact web plugin and local network exploits (WordPress Spirit, SillyTavern), plus client/runtime abuse in widely distributed software (Unity, Zabbix agent). Notable: an enterprise-scale, pre-auth Oracle RCE is already weaponized by ransomware groups (Cl0p / GRACEFUL SPIDER) and added to CISA KEV \u2014 treat it as highest priority.\n\nQuick hit list:\n\n\u2b50\ufe0f CVE-2025-61882 \u2014 Oracle E-Business Suite (BI Publisher integration) \u2014 CVSS 9.8, pre-auth RCE, actively used by Cl0p &amp;amp; GRACEFUL SPIDER; on CISA KEV. Patch immediately or isolate EBS HTTP endpoints.\n\u2b50\ufe0f CVE-2025-6388 \u2014 Spirit Framework (WordPress) \u2014 CVSS 9.8, unauthenticated admin takeover. Update to 1.2.15 or remove the plugin.\n\u2b50\ufe0f CVE-2025-59159 \u2014 SillyTavern (DNS rebinding) \u2014 CVSS ~9.6, local network\u2192API key theft. Upgrade to 1.13.4 + enable host whitelist.\n\u2b50\ufe0f CVE-2025-10547 \u2014 DrayTek Vigor routers \u2014 CVSS 8.8, unauth RCE in HTTP CGI; remote root possible. Apply vendor fixes and audit external-facing routers.\n\u2b50\ufe0f CVE-2025-59489 \u2014 Unity Runtime \u2014 Arg injection / DLL hijack in apps; PoCs available; exploited via trojanized games. Treat as supply-chain / app-store risk for distributed clients.\n\u2b50\ufe0f CVE-2025-27237 \u2014 Zabbix Agent (Windows LPE) \u2014 DLL injection via writable OpenSSL path; observed in targeted ops. Harden file perms and monitor for local privilege escalations.", "creation_timestamp": "2025-10-07T08:14:58.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5a9652fa-c0f4-4361-b09a-9b49db25c863/export"/>
    <published>2025-10-07T08:14:58+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e7406c0d-b03d-493e-bfb2-3691d8f2df23/export</id>
    <title>e7406c0d-b03d-493e-bfb2-3691d8f2df23</title>
    <updated>2026-07-14T05:06:02.621317+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e7406c0d-b03d-493e-bfb2-3691d8f2df23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-6388", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m2fi6hs6eb23", "content": "", "creation_timestamp": "2025-10-04T21:02:26.333794Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e7406c0d-b03d-493e-bfb2-3691d8f2df23/export"/>
    <published>2025-10-04T21:02:26.333794+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a398dd35-ebb9-4c4f-9e45-5e0949e7b34d/export</id>
    <title>a398dd35-ebb9-4c4f-9e45-5e0949e7b34d</title>
    <updated>2026-07-14T05:06:02.621410+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a398dd35-ebb9-4c4f-9e45-5e0949e7b34d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-6388", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3m2bpk4tsdx26", "content": "", "creation_timestamp": "2025-10-03T09:03:34.458883Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a398dd35-ebb9-4c4f-9e45-5e0949e7b34d/export"/>
    <published>2025-10-03T09:03:34.458883+00:00</published>
  </entry>
</feed>
