<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-06-26T12:39:33.478572+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the 10 most recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3460883e-a58a-4e78-a782-6fda7785d6c5/export</id>
    <title>3460883e-a58a-4e78-a782-6fda7785d6c5</title>
    <updated>2026-06-26T12:39:33.495516+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3460883e-a58a-4e78-a782-6fda7785d6c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36046", "type": "seen", "source": "https://t.me/cibsecurity/49142", "content": "\u203c CVE-2022-36046 \u203c\n\nNext.js is a React framework that can provide building blocks to create web applications. All of the following must be true to be affected by this CVE: Next.js version 12.2.3, Node.js version above v15.0.0 being used with strict `unhandledRejection` exiting AND using next start or a [custom server](https://nextjs.org/docs/advanced-features/custom-server). Deployments on Vercel ([vercel.com](https://vercel.com/)) are not affected along with similar environments where `next-server` isn't being shared across requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-31T22:37:04.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3460883e-a58a-4e78-a782-6fda7785d6c5/export"/>
    <published>2022-08-31T22:37:04+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bd65d23c-53c9-482f-8cde-ba2932fa164e/export</id>
    <title>bd65d23c-53c9-482f-8cde-ba2932fa164e</title>
    <updated>2026-06-26T12:39:33.495378+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bd65d23c-53c9-482f-8cde-ba2932fa164e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36042", "type": "seen", "source": "https://t.me/cibsecurity/49345", "content": "\u203c CVE-2022-36042 \u203c\n\nRizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from dyld cache files. A user opening a malicious dyld cache file could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number 556ca2f9eef01ec0f4a76d1fbacfcf3a87a44810 contains a patch.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-06T22:13:34.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bd65d23c-53c9-482f-8cde-ba2932fa164e/export"/>
    <published>2022-09-06T22:13:34+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9b0496ee-bad1-4dd8-8eca-d8abda8b2b80/export</id>
    <title>9b0496ee-bad1-4dd8-8eca-d8abda8b2b80</title>
    <updated>2026-06-26T12:39:33.495238+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9b0496ee-bad1-4dd8-8eca-d8abda8b2b80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36043", "type": "seen", "source": "https://t.me/cibsecurity/49376", "content": "\u203c CVE-2022-36043 \u203c\n\nRizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to a double free in bobj.c:rz_bin_reloc_storage_free() when freeing relocations generated from qnx binary plugin. A user opening a malicious qnx binary could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number a3d50c1ea185f3f642f2d8180715f82d98840784 contains a patch for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-07T00:13:24.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9b0496ee-bad1-4dd8-8eca-d8abda8b2b80/export"/>
    <published>2022-09-07T00:13:24+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bee2b67b-c62f-4b4a-a7c6-8492039f0ddc/export</id>
    <title>bee2b67b-c62f-4b4a-a7c6-8492039f0ddc</title>
    <updated>2026-06-26T12:39:33.495094+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bee2b67b-c62f-4b4a-a7c6-8492039f0ddc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36044", "type": "seen", "source": "https://t.me/cibsecurity/49379", "content": "\u203c CVE-2022-36044 \u203c\n\nRizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from Luac files. A user opening a malicious Luac file could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commits 07b43bc8aa1ffebd9b68d60624c9610cf7e460c7 and 05bbd147caccc60162d6fba9baaaf24befa281cd contain fixes for the issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-07T00:13:30.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bee2b67b-c62f-4b4a-a7c6-8492039f0ddc/export"/>
    <published>2022-09-07T00:13:30+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/93c40c6b-0eb2-482c-81bd-9e8644db77b3/export</id>
    <title>93c40c6b-0eb2-482c-81bd-9e8644db77b3</title>
    <updated>2026-06-26T12:39:33.494946+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "93c40c6b-0eb2-482c-81bd-9e8644db77b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36041", "type": "seen", "source": "https://t.me/cibsecurity/49382", "content": "\u203c CVE-2022-36041 \u203c\n\nRizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when parsing Mach-O files. A user opening a malicious Mach-O file could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number 7323e64d68ecccfb0ed3ee480f704384c38676b2 contains a patch.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-07T00:13:33.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/93c40c6b-0eb2-482c-81bd-9e8644db77b3/export"/>
    <published>2022-09-07T00:13:33+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a0576837-195e-45b0-af54-88e5d625e1c1/export</id>
    <title>a0576837-195e-45b0-af54-88e5d625e1c1</title>
    <updated>2026-06-26T12:39:33.494793+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a0576837-195e-45b0-af54-88e5d625e1c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36040", "type": "seen", "source": "https://t.me/cibsecurity/49391", "content": "\u203c CVE-2022-36040 \u203c\n\nRizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from PYC(python) files. A user opening a malicious PYC file could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number 68948017423a12786704e54227b8b2f918c2fd27 contains a patch.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-07T16:23:57.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a0576837-195e-45b0-af54-88e5d625e1c1/export"/>
    <published>2022-09-07T16:23:57+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4478fd78-893a-4e09-b09d-b54e0205b293/export</id>
    <title>4478fd78-893a-4e09-b09d-b54e0205b293</title>
    <updated>2026-06-26T12:39:33.494635+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4478fd78-893a-4e09-b09d-b54e0205b293", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36049", "type": "seen", "source": "https://t.me/cibsecurity/49410", "content": "\u203c CVE-2022-36049 \u203c\n\nFlux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases. Helm controller is tightly integrated with the Helm SDK. A vulnerability found in the Helm SDK that affects flux2 v0.0.17 until v0.32.0 and helm-controller v0.0.4 until v0.23.0 allows for specific data inputs to cause high memory consumption. In some platforms, this could cause the controller to panic and stop processing reconciliations. In a shared cluster multi-tenancy environment, a tenant could create a HelmRelease that makes the controller panic, denying all other tenants from their Helm releases being reconciled. Patches are available in flux2 v0.32.0 and helm-controller v0.23.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-08T00:14:31.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4478fd78-893a-4e09-b09d-b54e0205b293/export"/>
    <published>2022-09-08T00:14:31+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7815b033-9705-4368-9502-96dad96e2690/export</id>
    <title>7815b033-9705-4368-9502-96dad96e2690</title>
    <updated>2026-06-26T12:39:33.494470+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7815b033-9705-4368-9502-96dad96e2690", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3604", "type": "seen", "source": "https://t.me/ctinow/173010", "content": "https://ift.tt/a1U2x4k\nCVE-2022-3604 Exploit", "creation_timestamp": "2024-01-24T19:16:40.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7815b033-9705-4368-9502-96dad96e2690/export"/>
    <published>2024-01-24T19:16:40+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/675a32fa-68f7-4fe9-8a8a-d3422207f3c8/export</id>
    <title>675a32fa-68f7-4fe9-8a8a-d3422207f3c8</title>
    <updated>2026-06-26T12:39:33.494265+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "675a32fa-68f7-4fe9-8a8a-d3422207f3c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3604", "type": "seen", "source": "https://t.me/ctinow/179924", "content": "https://ift.tt/WuhUIdK\nCVE-2022-3604 | Contact Form Entries Plugin up to 1.2.x on WordPress csv injection", "creation_timestamp": "2024-02-06T11:41:06.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/675a32fa-68f7-4fe9-8a8a-d3422207f3c8/export"/>
    <published>2024-02-06T11:41:06+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/11805716-e264-4570-92e4-d327fa897d86/export</id>
    <title>11805716-e264-4570-92e4-d327fa897d86</title>
    <updated>2026-06-26T12:39:33.492210+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "11805716-e264-4570-92e4-d327fa897d86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3604", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18094", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3604\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when its output in a CSV file, which could lead to CSV injection.\n\ud83d\udccf Published: 2024-01-16T15:52:59.244Z\n\ud83d\udccf Modified: 2025-06-11T17:12:46.580Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/300ebfcd-c500-464e-b919-acfeb72593de/", "creation_timestamp": "2025-06-11T17:34:21.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/11805716-e264-4570-92e4-d327fa897d86/export"/>
    <published>2025-06-11T17:34:21+00:00</published>
  </entry>
</feed>
