Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-23T03:35:24.711909+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/b2f184c8-d251-4057-9b8f-e9ecd4ec0317/export b2f184c8-d251-4057-9b8f-e9ecd4ec0317 2026-06-23T03:35:24.754223+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "b2f184c8-d251-4057-9b8f-e9ecd4ec0317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34413", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mk4c2qqza22k", "content": "", "creation_timestamp": "2026-04-22T20:02:05.101174Z"} 2026-04-22T20:02:05.101174+00:00 https://vulnerability.circl.lu/sighting/0b51e9d7-f005-4130-84c7-db946ed9a990/export 0b51e9d7-f005-4130-84c7-db946ed9a990 2026-06-23T03:35:24.754149+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "0b51e9d7-f005-4130-84c7-db946ed9a990", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34413", "type": "seen", "source": "Telegram/cbjF4apLmtnn3LGsfm2VGkmWkt4o1cHj2IZCQ7x38CS5FMw", "content": "", "creation_timestamp": "2026-04-22T21:20:52.000000Z"} 2026-04-22T21:20:52+00:00 https://vulnerability.circl.lu/sighting/d16d5c01-890a-4f58-80b7-217ab068d595/export d16d5c01-890a-4f58-80b7-217ab068d595 2026-06-23T03:35:24.754076+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "d16d5c01-890a-4f58-80b7-217ab068d595", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34414", "type": "seen", "source": "Telegram/cbjF4apLmtnn3LGsfm2VGkmWkt4o1cHj2IZCQ7x38CS5FMw", "content": "", "creation_timestamp": "2026-04-22T21:20:52.000000Z"} 2026-04-22T21:20:52+00:00 https://vulnerability.circl.lu/sighting/8980889a-7b98-4948-9c06-a418f7949acd/export 8980889a-7b98-4948-9c06-a418f7949acd 2026-06-23T03:35:24.753993+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "8980889a-7b98-4948-9c06-a418f7949acd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34415", "type": "published-proof-of-concept", "source": "Telegram/he0Z1Xxb4PMjQ5eYVBKNY_LHtJZg-G0d3XJmG72co7nWMuw", "content": "", "creation_timestamp": "2026-04-22T21:21:17.000000Z"} 2026-04-22T21:21:17+00:00 https://vulnerability.circl.lu/sighting/97a93ee2-c300-4ed3-ae5d-d6c2a2183721/export 97a93ee2-c300-4ed3-ae5d-d6c2a2183721 2026-06-23T03:35:24.753877+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "97a93ee2-c300-4ed3-ae5d-d6c2a2183721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34413", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mk4hye5zil2k", "content": "", "creation_timestamp": "2026-04-22T21:48:07.145593Z"} 2026-04-22T21:48:07.145593+00:00 https://vulnerability.circl.lu/sighting/04808882-9ecb-429c-a8c1-99cd6a76c984/export 04808882-9ecb-429c-a8c1-99cd6a76c984 2026-06-23T03:35:24.753797+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "04808882-9ecb-429c-a8c1-99cd6a76c984", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-34415", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116452846954005943", "content": "", "creation_timestamp": "2026-04-23T07:30:28.263321Z"} 2026-04-23T07:30:28.263321+00:00 https://vulnerability.circl.lu/sighting/93073f1a-c3bc-42c9-bbc0-3b9c4cf86e50/export 93073f1a-c3bc-42c9-bbc0-3b9c4cf86e50 2026-06-23T03:35:24.753709+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "93073f1a-c3bc-42c9-bbc0-3b9c4cf86e50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-34415", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mk5ijqavsk2v", "content": "", "creation_timestamp": "2026-04-23T07:30:30.337863Z"} 2026-04-23T07:30:30.337863+00:00 https://vulnerability.circl.lu/sighting/0c0d9bcc-61b4-4a0e-b4b0-07b83fea5a16/export 0c0d9bcc-61b4-4a0e-b4b0-07b83fea5a16 2026-06-23T03:35:24.753607+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "0c0d9bcc-61b4-4a0e-b4b0-07b83fea5a16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34413", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/xerte_unauthenticated_mediaupload.rb", "content": "{\"aliases\": [], \"arch\": \"php\", \"author\": [\"bootstrapbool \"], \"autofilter_ports\": [80, 8080, 443, 8000, 8888, 8880, 8008, 3000, 8443], \"autofilter_services\": [\"http\", \"https\"], \"check\": true, \"default_credential\": false, \"description\": \"This module bypasses authentication failure, extension blacklist,\\n and path traversal vulnerabilities in the /editor/elfinder/php/connector.php\\n endpoint to upload and execute a shell in Xerte Online Toolkits\\n versions 3.15 (commit 4e40f8030a2e3267267db7ce03e0ff57270be6f5 as\\n there's no patch versions used) and earlier.\", \"disclosure_date\": \"2026-04-22\", \"fullname\": \"exploit/multi/http/xerte_unauthenticated_mediaupload\", \"is_install_path\": true, \"mod_time\": \"2026-06-13 16:01:29 +0000\", \"name\": \"Xerte Online Toolkits Arbitrary File Upload - Unauthenticated Media Upload\", \"needs_cleanup\": true, \"notes\": {\"Reliability\": [\"repeatable-session\"], \"SideEffects\": [\"artifacts-on-disk\", \"ioc-in-logs\"], \"Stability\": [\"crash-safe\"]}, \"path\": \"/modules/exploits/multi/http/xerte_unauthenticated_mediaupload.rb\", \"platform\": \"Linux,PHP\", \"post_auth\": false, \"rank\": 600, \"ref_name\": \"multi/http/xerte_unauthenticated_mediaupload\", \"references\": [\"CVE-2026-34413\", \"CVE-2026-34414\", \"CVE-2026-34415\", \"CVE-2026-41459\", \"URL-https://github.com/bootstrapbool/xerteonlinetoolkits-rce\"], \"rport\": 80, \"session_types\": false, \"targets\": [\"PHP\"], \"type\": \"exploit\"}", "creation_timestamp": "2026-06-16T15:57:16.000000Z"} 2026-06-16T15:57:16+00:00 https://vulnerability.circl.lu/sighting/e0d867c0-295d-4bad-b9cb-71b2578122de/export e0d867c0-295d-4bad-b9cb-71b2578122de 2026-06-23T03:35:24.753483+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "e0d867c0-295d-4bad-b9cb-71b2578122de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34414", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/xerte_unauthenticated_mediaupload.rb", "content": "{\"aliases\": [], \"arch\": \"php\", \"author\": [\"bootstrapbool \"], \"autofilter_ports\": [80, 8080, 443, 8000, 8888, 8880, 8008, 3000, 8443], \"autofilter_services\": [\"http\", \"https\"], \"check\": true, \"default_credential\": false, \"description\": \"This module bypasses authentication failure, extension blacklist,\\n and path traversal vulnerabilities in the /editor/elfinder/php/connector.php\\n endpoint to upload and execute a shell in Xerte Online Toolkits\\n versions 3.15 (commit 4e40f8030a2e3267267db7ce03e0ff57270be6f5 as\\n there's no patch versions used) and earlier.\", \"disclosure_date\": \"2026-04-22\", \"fullname\": \"exploit/multi/http/xerte_unauthenticated_mediaupload\", \"is_install_path\": true, \"mod_time\": \"2026-06-13 16:01:29 +0000\", \"name\": \"Xerte Online Toolkits Arbitrary File Upload - Unauthenticated Media Upload\", \"needs_cleanup\": true, \"notes\": {\"Reliability\": [\"repeatable-session\"], \"SideEffects\": [\"artifacts-on-disk\", \"ioc-in-logs\"], \"Stability\": [\"crash-safe\"]}, \"path\": \"/modules/exploits/multi/http/xerte_unauthenticated_mediaupload.rb\", \"platform\": \"Linux,PHP\", \"post_auth\": false, \"rank\": 600, \"ref_name\": \"multi/http/xerte_unauthenticated_mediaupload\", \"references\": [\"CVE-2026-34413\", \"CVE-2026-34414\", \"CVE-2026-34415\", \"CVE-2026-41459\", \"URL-https://github.com/bootstrapbool/xerteonlinetoolkits-rce\"], \"rport\": 80, \"session_types\": false, \"targets\": [\"PHP\"], \"type\": \"exploit\"}", "creation_timestamp": "2026-06-16T15:57:16.000000Z"} 2026-06-16T15:57:16+00:00 https://vulnerability.circl.lu/sighting/d3357050-6a2e-42bb-a36c-12e4794d4da1/export d3357050-6a2e-42bb-a36c-12e4794d4da1 2026-06-23T03:35:24.751387+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "d3357050-6a2e-42bb-a36c-12e4794d4da1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34415", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/xerte_unauthenticated_mediaupload.rb", "content": "{\"aliases\": [], \"arch\": \"php\", \"author\": [\"bootstrapbool \"], \"autofilter_ports\": [80, 8080, 443, 8000, 8888, 8880, 8008, 3000, 8443], \"autofilter_services\": [\"http\", \"https\"], \"check\": true, \"default_credential\": false, \"description\": \"This module bypasses authentication failure, extension blacklist,\\n and path traversal vulnerabilities in the /editor/elfinder/php/connector.php\\n endpoint to upload and execute a shell in Xerte Online Toolkits\\n versions 3.15 (commit 4e40f8030a2e3267267db7ce03e0ff57270be6f5 as\\n there's no patch versions used) and earlier.\", \"disclosure_date\": \"2026-04-22\", \"fullname\": \"exploit/multi/http/xerte_unauthenticated_mediaupload\", \"is_install_path\": true, \"mod_time\": \"2026-06-13 16:01:29 +0000\", \"name\": \"Xerte Online Toolkits Arbitrary File Upload - Unauthenticated Media Upload\", \"needs_cleanup\": true, \"notes\": {\"Reliability\": [\"repeatable-session\"], \"SideEffects\": [\"artifacts-on-disk\", \"ioc-in-logs\"], \"Stability\": [\"crash-safe\"]}, \"path\": \"/modules/exploits/multi/http/xerte_unauthenticated_mediaupload.rb\", \"platform\": \"Linux,PHP\", \"post_auth\": false, \"rank\": 600, \"ref_name\": \"multi/http/xerte_unauthenticated_mediaupload\", \"references\": [\"CVE-2026-34413\", \"CVE-2026-34414\", \"CVE-2026-34415\", \"CVE-2026-41459\", \"URL-https://github.com/bootstrapbool/xerteonlinetoolkits-rce\"], \"rport\": 80, \"session_types\": false, \"targets\": [\"PHP\"], \"type\": \"exploit\"}", "creation_timestamp": "2026-06-16T15:57:16.000000Z"} 2026-06-16T15:57:16+00:00