https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-06-12T08:19:17.081933+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/fa103c41-7739-4394-9007-2706f85af9be/exportfa103c41-7739-4394-9007-2706f85af9be2026-06-12T08:19:17.442812+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "fa103c41-7739-4394-9007-2706f85af9be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-8420", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3lvpabkhg7f2m", "content": "", "creation_timestamp": "2025-08-06T03:01:37.107941Z"}2025-08-06T03:01:37.107941+00:00https://vulnerability.circl.lu/sighting/f1292e18-1197-49a4-b3cb-ad7448f370ab/exportf1292e18-1197-49a4-b3cb-ad7448f370ab2026-06-12T08:19:17.442581+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "f1292e18-1197-49a4-b3cb-ad7448f370ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-8420", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lvpiiiwcnd2k", "content": "", "creation_timestamp": "2025-08-06T05:28:39.236317Z"}2025-08-06T05:28:39.236317+00:00https://vulnerability.circl.lu/sighting/21105dc8-b91b-4006-82f6-5709c6567af3/export21105dc8-b91b-4006-82f6-5709c6567af32026-06-12T08:19:17.439074+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "21105dc8-b91b-4006-82f6-5709c6567af3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-8420", "type": "published-proof-of-concept", "source": "https://t.me/realcodeb0ss/62", "content": "{VIP} CVE-2025-8420\nRequest a Quote Form \u2264 \u2013 Unauthenticated Limited RCE\n\nAllows unauthenticated attaks to excte certain PHP functions on the server without credn. Parameters cannot be passed to these functions, but it can still reveal sensitive information such as phpinfo() output.\n\nExample:\n_SERVER[\"HTTP_HOST\"] \n_SERVER[\"HTTP_USER_AGENT\"]\n_SERVER[\"SERVER_ADDR\"]\n_SERVER[\"SERVER_PORT\"]\n_SERVER[\"REMOTE_ADDR\"]\n_SERVER[\"DOCUMENT_ROOT\"]\n\nThis exp installed in the VIP.", "creation_timestamp": "2025-08-11T01:48:32.000000Z"}2025-08-11T01:48:32+00:00