<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-01T04:50:00.855886+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4034773f-165d-4ce1-92c3-80cc5b248214/export</id>
    <title>4034773f-165d-4ce1-92c3-80cc5b248214</title>
    <updated>2026-07-01T04:50:00.878848+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4034773f-165d-4ce1-92c3-80cc5b248214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25765", "type": "seen", "source": "https://t.me/poxek/6119", "content": "Microsoft \u0441\u043d\u043e\u0432\u0430 \u043d\u0430\u043f\u043e\u043c\u043d\u0438\u043b, \u0447\u0442\u043e \u043d\u0430\u0448\u0430 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0441\u0430\u043c\u0430 \u043f\u043e \u0441\u0435\u0431\u0435 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u0432\u043a\u0443\u0441\u043d\u044b\u0445 \u0446\u0435\u043b\u0435\u0439. CVE-2026-42897 \u0432 on-prem Exchange Server \u0443\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f: \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c The Hacker News \u0441\u043e \u0441\u0441\u044b\u043b\u043a\u043e\u0439 \u043d\u0430 Microsoft, \u044d\u0442\u043e XSS/spoofing-\u0431\u0430\u0433 \u0441 CVSS 8.1, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u0442\u0440\u0438\u0433\u0433\u0435\u0440\u0438\u0442\u044c \u0447\u0435\u0440\u0435\u0437 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0435 \u043f\u0438\u0441\u044c\u043c\u043e, \u0435\u0441\u043b\u0438 \u0436\u0435\u0440\u0442\u0432\u0430 \u043e\u0442\u043a\u0440\u043e\u0435\u0442 \u0435\u0433\u043e \u0432 Outlook Web Access. \u041f\u043e\u0434 \u0443\u0434\u0430\u0440\u043e\u043c Exchange 2016, 2019 \u0438 Subscription Edition, \u0430 CISA \u0443\u0436\u0435 \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 KEV.\n\n\u041d\u0430 \u0434\u0440\u0443\u0433\u043e\u043c \u043a\u043e\u043d\u0446\u0435 \u0441\u043f\u0435\u043a\u0442\u0440\u0430 - CVE-2026-25765 \u0432 Ruby Faraday. \u0415\u0441\u043b\u0438 \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0438\u043b\u0438 \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0439 \u0441\u0435\u0440\u0432\u0438\u0441 \u043d\u0430 Faraday \u043f\u0440\u043e\u0445\u043e\u0434\u0438\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 URL, build_exclusive_url \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 2.14.1 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043e\u0439\u0442\u0438 \u0447\u0435\u0440\u0435\u0437 protocol-relative \u043f\u0443\u0442\u044c \u0432\u0438\u0434\u0430 //evil.com/path \u0438 \u0443\u0432\u0435\u0441\u0442\u0438 \u0437\u0430\u043f\u0440\u043e\u0441 \u043d\u0430 \u0447\u0443\u0436\u043e\u0439 \u0445\u043e\u0441\u0442. \u042d\u0442\u043e \u0443\u0436\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0431\u0438\u0442\u044c \u043f\u043e \u0447\u0443\u0436\u0438\u043c \u0442\u0443\u043b\u0437\u0430\u043c, \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044f\u043c, \u0441\u043a\u0430\u043d\u0435\u0440\u0430\u043c, webhook-\u043e\u0431\u0432\u044f\u0437\u043a\u0435 \u0438 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0441\u0435\u0440\u0432\u0438\u0441\u0430\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u0430\u043c\u0438 \u0445\u043e\u0434\u044f\u0442 \u043d\u0430\u0440\u0443\u0436\u0443. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0435\u0441\u0442\u044c \u0432 DailyCVE, \u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 advisory \u0438 \u0444\u0438\u043a\u0441 - \u0432 GitHub advisory \u0438 \u0440\u0435\u043b\u0438\u0437\u0435 2.14.1. \u0422\u043e\u043a \u0441\u0442\u0440\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442, \u0447\u0442\u043e DailyCVE \u0443\u043a\u0430\u0437\u0430\u043d\u043e High, \u043d\u043e \u0432 NVD/CNA \u0443 \u043d\u0435\u0433\u043e \u0441\u0435\u0439\u0447\u0430\u0441 CVSS 5.8 MEDIUM.\n\n\u0410 \u0435\u0441\u043b\u0438 \u043d\u0443\u0436\u0435\u043d \u0441\u043e\u0432\u0441\u0435\u043c \u043f\u0440\u044f\u043c\u043e\u0439 \u043f\u0440\u0438\u043c\u0435\u0440 \"\u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445\", \u0442\u043e \u0432\u043e\u0442 \u043e\u043d: CVE-2026-45087 \u0432 dalfox. \u041f\u043e advisory GitHub, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0435\u0440\u0441\u0438\u0438 &amp;lt;= 2.12.0, \u0430 \u0444\u0438\u043a\u0441 \u0432\u044b\u0448\u0435\u043b \u0432 2.13.0. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u0430\u044f: \u0432 server mode Dalfox \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0441\u043b\u0443\u0448\u0430\u0435\u0442 0.0.0.0:6664, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 API key \u0431\u0435\u0437 \u044f\u0432\u043d\u043e\u0433\u043e --api-key, \u0430 \u0447\u0435\u0440\u0435\u0437 POST /scan \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u043e\u043a\u0438\u043d\u0443\u0442\u044c found-action \u0438 \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f unauthenticated RCE \u043d\u0430 \u0445\u043e\u0441\u0442\u0435, \u0433\u0434\u0435 \u043a\u0440\u0443\u0442\u0438\u0442\u0441\u044f \u0441\u043a\u0430\u043d\u0435\u0440. \u0422\u043e \u0435\u0441\u0442\u044c \u043b\u043e\u043c\u0430\u044e\u0442 \u0443\u0436\u0435 \u043d\u0435 \u0446\u0435\u043b\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f, \u0430 \u0441\u0430\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041e\u0442\u0441\u044e\u0434\u0430 \u0438 \u043e\u0447\u0435\u043d\u044c \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0439 \u0441\u0434\u0432\u0438\u0433: \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u0438 \u0437\u0430\u0449\u0438\u0442\u043d\u0438\u043a\u043e\u0432, \u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445. \u0415\u0441\u043b\u0438 \u0443 blue team \u0433\u043e\u0440\u0438\u0442 Exchange, \u0442\u043e \u0443 red team, \u0431\u0430\u0433\u0445\u0430\u043d\u0442\u0435\u0440\u043e\u0432 \u0438 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435\u043d\u043d\u043e\u0439 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0433\u043e\u0440\u044f\u0442 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 HTTP-\u043a\u043b\u0438\u0435\u043d\u0442\u044b, \u043f\u0430\u0440\u0441\u0435\u0440\u044b, \u0441\u043a\u0430\u043d\u0435\u0440\u044b \u0438 \u0441\u0435\u0440\u0432\u0438\u0441\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u0432\u044b\u043a\u043b\u0438 \u0434\u043e\u0432\u0435\u0440\u044f\u0442\u044c \"\u043f\u043e\u0447\u0442\u0438 URL\" \u0438\u043b\u0438 \u043f\u043e\u0434\u043d\u0438\u043c\u0430\u0442\u044c \u043e\u043f\u0430\u0441\u043d\u044b\u0439 \u0440\u0435\u0436\u0438\u043c \"\u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e\". \u0412 2026 \u0433\u043e\u0434\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0441\u0435 \u0447\u0430\u0449\u0435 \u0431\u044c\u0435\u0442 \u0441\u0440\u0430\u0437\u0443 \u043f\u043e \u0432\u0441\u0435\u0439 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u0432\u043e\u043a\u0440\u0443\u0433 \u0446\u0435\u043b\u0438: \u043f\u043e \u043f\u043e\u0447\u0442\u0435, \u0430\u0433\u0435\u043d\u0442\u0430\u043c, \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u044f\u043c, \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u044e\u0449\u0435\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u0438 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0441\u0435\u0440\u0432\u0438\u0441\u0430\u043c.\n\n\u0421 \u043d\u0430\u0447\u0430\u043b\u0430 \u0433\u043e\u0434\u0430 \u0440\u0430\u0431\u043e\u0442\u044b \u0443 \u043a\u043e\u043c\u0430\u043d\u0434 \u0437\u0430\u0449\u0438\u0442\u044b \u0437\u0430\u043c\u0435\u0442\u043d\u043e \u043f\u0440\u0438\u0431\u0430\u0432\u0438\u043b\u043e\u0441\u044c: \u0442\u0435\u043c\u043f \u043f\u043e\u0438\u0441\u043a\u0430 \u0438 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 0day \u0441\u0435\u0439\u0447\u0430\u0441 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u043f\u043e\u0447\u0442\u0438 \u0431\u0435\u0437\u0443\u043c\u043d\u044b\u043c, \u0438 \u0435\u0449\u0435 \u043f\u0430\u0440\u0443 \u043b\u0435\u0442 \u043d\u0430\u0437\u0430\u0434 \u0442\u0430\u043a\u043e\u0439 \u043f\u043b\u043e\u0442\u043d\u043e\u0441\u0442\u0438 \u0442\u0440\u0443\u0434\u043d\u043e \u0431\u044b\u043b\u043e \u043e\u0436\u0438\u0434\u0430\u0442\u044c. \u0414\u043b\u044f \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 \u0433\u043e\u043d\u043a\u0430 \u0442\u043e\u0436\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0431\u043e\u0441\u0442\u0440\u044f\u0435\u0442\u0441\u044f: \u043a\u0442\u043e \u043f\u0435\u0440\u0432\u044b\u043c \u043d\u0430\u0439\u0434\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0440\u043e\u0432\u043d\u044f CVSS 9.8, \u0443\u0441\u043f\u0435\u0435\u0442 \u0441\u0434\u0430\u0442\u044c \u0435\u0435 \u0432 bug bounty \u0438\u043b\u0438 \u043f\u0440\u0435\u0432\u0440\u0430\u0442\u0438\u0442 \u0432 \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u0434\u043b\u044f \u043f\u0435\u043d\u0442\u0435\u0441\u0442\u0430, \u0442\u043e\u0442 \u0438 \u0441\u043d\u0438\u043c\u0430\u0435\u0442 \u0441\u043b\u0438\u0432\u043a\u0438.", "creation_timestamp": "2026-05-18T15:58:50.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4034773f-165d-4ce1-92c3-80cc5b248214/export"/>
    <published>2026-05-18T15:58:50+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d985bdbc-424c-4079-be81-0d8339cbc771/export</id>
    <title>d985bdbc-424c-4079-be81-0d8339cbc771</title>
    <updated>2026-07-01T04:50:00.881724+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d985bdbc-424c-4079-be81-0d8339cbc771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25769", "type": "seen", "source": "https://t.me/GithubRedTeam/80092", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-25769\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a 0xBlackash\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-13 08:58:59\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-25769\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-13T09:00:05.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d985bdbc-424c-4079-be81-0d8339cbc771/export"/>
    <published>2026-04-13T09:00:05+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6cefb5f4-b4fa-4ea5-9287-a6fca13492a8/export</id>
    <title>6cefb5f4-b4fa-4ea5-9287-a6fca13492a8</title>
    <updated>2026-07-01T04:50:00.881938+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6cefb5f4-b4fa-4ea5-9287-a6fca13492a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25769", "type": "published-proof-of-concept", "source": "Telegram/rwxaLd9KWQTIgwCgLykDlCAjWpJJFXYvWELkEfFrjXC617U", "content": "", "creation_timestamp": "2026-04-05T15:00:08.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6cefb5f4-b4fa-4ea5-9287-a6fca13492a8/export"/>
    <published>2026-04-05T15:00:08+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b9da9d6b-e053-4818-b3d9-e252c3dd6e05/export</id>
    <title>b9da9d6b-e053-4818-b3d9-e252c3dd6e05</title>
    <updated>2026-07-01T04:50:00.882097+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b9da9d6b-e053-4818-b3d9-e252c3dd6e05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25769", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/78926", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-25769\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a njeru-codes\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-05 11:45:52\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nPOC for deserialization of untrusted data in wazuh leading to RCE\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-05T12:00:04.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b9da9d6b-e053-4818-b3d9-e252c3dd6e05/export"/>
    <published>2026-04-05T12:00:04+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c89e73bb-ab4b-4d37-adfd-481b2c8fada3/export</id>
    <title>c89e73bb-ab4b-4d37-adfd-481b2c8fada3</title>
    <updated>2026-07-01T04:50:00.882246+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c89e73bb-ab4b-4d37-adfd-481b2c8fada3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2576", "type": "published-proof-of-concept", "source": "Telegram/rhvNMhDEQsDmbO42lBM1UZ6liv8Ut69COJccPHJCHHT9EeA", "content": "", "creation_timestamp": "2026-03-27T03:00:09.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c89e73bb-ab4b-4d37-adfd-481b2c8fada3/export"/>
    <published>2026-03-27T03:00:09+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/35768037-bf9f-4ab1-a4a7-772daf79c5a6/export</id>
    <title>35768037-bf9f-4ab1-a4a7-772daf79c5a6</title>
    <updated>2026-07-01T04:50:00.882399+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "35768037-bf9f-4ab1-a4a7-772daf79c5a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2576", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/77409", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE_2026_2576_PoC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a SowatKheang\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-03-26 23:58:00\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-2576 \u2014 Business Directory Plugin SQLi PoC (Local Setup). Unauthenticated Time-Based Blind SQL Injection Business Directory Plugin for WordPress \u2264 6.4.21\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-03-27T00:00:04.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/35768037-bf9f-4ab1-a4a7-772daf79c5a6/export"/>
    <published>2026-03-27T00:00:04+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/24b40cc5-67af-4827-878f-7912196c97f4/export</id>
    <title>24b40cc5-67af-4827-878f-7912196c97f4</title>
    <updated>2026-07-01T04:50:00.882564+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "24b40cc5-67af-4827-878f-7912196c97f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25769", "type": "seen", "source": "https://www.acn.gov.it/portale/w/wazuh-disponibile-poc-per-lo-sfruttamento-della-vulnerabilita-cve-2026-25769", "content": "", "creation_timestamp": "2026-03-23T08:47:39.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/24b40cc5-67af-4827-878f-7912196c97f4/export"/>
    <published>2026-03-23T08:47:39+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/dc08f11a-f2fa-4ae5-857e-3c116e1846bb/export</id>
    <title>dc08f11a-f2fa-4ae5-857e-3c116e1846bb</title>
    <updated>2026-07-01T04:50:00.882709+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "dc08f11a-f2fa-4ae5-857e-3c116e1846bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25769", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mhm53uchm32m", "content": "", "creation_timestamp": "2026-03-21T23:00:14.119413Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/dc08f11a-f2fa-4ae5-857e-3c116e1846bb/export"/>
    <published>2026-03-21T23:00:14.119413+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c7cfa81d-e9ea-44ca-824a-50c3aa602a41/export</id>
    <title>c7cfa81d-e9ea-44ca-824a-50c3aa602a41</title>
    <updated>2026-07-01T04:50:00.882857+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c7cfa81d-e9ea-44ca-824a-50c3aa602a41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25769", "type": "published-proof-of-concept", "source": "https://t.me/bdufstecru/3018", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 as_wazuh_object() \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0434\u043b\u044f \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0443\u0433\u0440\u043e\u0437 Wazuh \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e DAPI-\u0437\u0430\u043f\u0440\u043e\u0441\u0430\n\nBDU:2026-03319\nCVE-2026-25769\n\n\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e \u043f\u043e 1516 \u0441\u0435\u0442\u0435\u0432\u043e\u043c\u0443 \u043f\u043e\u0440\u0442\u0443;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e;\n- \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0434\u043b\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c\u0443 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044e;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 SIEM-\u0441\u0438\u0441\u0442\u0435\u043c \u0434\u043b\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0441\u043e\u0431\u044b\u0442\u0438\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f\u043c\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root;\n- \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439;\n- \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435/\u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439;\n- \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0437 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u0441\u0435\u0442\u0435\u0439 (\u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442).\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://github.com/wazuh/wazuh/releases\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 4.14.3 \u0438 \u0432\u044b\u0448\u0435", "creation_timestamp": "2026-03-18T14:47:42.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c7cfa81d-e9ea-44ca-824a-50c3aa602a41/export"/>
    <published>2026-03-18T14:47:42+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/35d5d656-4da6-428b-b977-f4fe665bc79c/export</id>
    <title>35d5d656-4da6-428b-b977-f4fe665bc79c</title>
    <updated>2026-07-01T04:50:00.883046+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "35d5d656-4da6-428b-b977-f4fe665bc79c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-25769", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mhbr3s2tlc2n", "content": "", "creation_timestamp": "2026-03-17T19:58:50.067587Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/35d5d656-4da6-428b-b977-f4fe665bc79c/export"/>
    <published>2026-03-17T19:58:50.067587+00:00</published>
  </entry>
</feed>
