<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-16T12:11:22.576095+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c33be29a-2cb8-4a16-93ca-91bd17aac512/export</id>
    <title>c33be29a-2cb8-4a16-93ca-91bd17aac512</title>
    <updated>2026-07-16T12:11:22.597189+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c33be29a-2cb8-4a16-93ca-91bd17aac512", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24824", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/91144", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #Exploit #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a graylog-cve-2023-24824-exploit\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a rootkiTED\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-29 12:59:02\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nProof-of-concept exploit for CVE-2023-24824 demonstrating how an arbitrary class loading primitive can be transformed into remote code execution on vulnerable Graylog deployments.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:24.023294Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c33be29a-2cb8-4a16-93ca-91bd17aac512/export"/>
    <published>2026-07-15T00:00:24.023294+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/404e34f2-42ec-4d1a-af90-f07e9437c6b5/export</id>
    <title>404e34f2-42ec-4d1a-af90-f07e9437c6b5</title>
    <updated>2026-07-16T12:11:22.600686+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "404e34f2-42ec-4d1a-af90-f07e9437c6b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24824", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/91154", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #Exploit #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a graylog-cve-2024-24824-exploit\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a rootkiTED\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-29 13:57:03\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nProof-of-concept exploit for CVE-2023-24824 demonstrating how an arbitrary class loading primitive can be transformed into remote code execution on vulnerable Graylog deployments.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-15T00:00:23.980022Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/404e34f2-42ec-4d1a-af90-f07e9437c6b5/export"/>
    <published>2026-07-15T00:00:23.980022+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2e569b87-f75a-4628-904c-5f1eb3cd6e8f/export</id>
    <title>2e569b87-f75a-4628-904c-5f1eb3cd6e8f</title>
    <updated>2026-07-16T12:11:22.600842+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2e569b87-f75a-4628-904c-5f1eb3cd6e8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24824", "type": "seen", "source": "https://t.me/GithubRedTeam/91154", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #Exploit #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a graylog-cve-2024-24824-exploit\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a rootkiTED\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-29 13:57:03\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nProof-of-concept exploit for CVE-2023-24824 demonstrating how an arbitrary class loading primitive can be transformed into remote code execution on vulnerable Graylog deployments.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:33.879710Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2e569b87-f75a-4628-904c-5f1eb3cd6e8f/export"/>
    <published>2026-07-14T00:00:33.879710+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5185fbb5-0973-4ef4-8745-da1b8f90a33f/export</id>
    <title>5185fbb5-0973-4ef4-8745-da1b8f90a33f</title>
    <updated>2026-07-16T12:11:22.600946+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5185fbb5-0973-4ef4-8745-da1b8f90a33f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24824", "type": "seen", "source": "https://t.me/GithubRedTeam/91144", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #Exploit #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a graylog-cve-2023-24824-exploit\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a rootkiTED\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-29 12:59:02\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nProof-of-concept exploit for CVE-2023-24824 demonstrating how an arbitrary class loading primitive can be transformed into remote code execution on vulnerable Graylog deployments.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-14T00:00:33.790055Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5185fbb5-0973-4ef4-8745-da1b8f90a33f/export"/>
    <published>2026-07-14T00:00:33.790055+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/db922dd7-37a5-4e37-a897-063a7b9437f5/export</id>
    <title>db922dd7-37a5-4e37-a897-063a7b9437f5</title>
    <updated>2026-07-16T12:11:22.601044+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "db922dd7-37a5-4e37-a897-063a7b9437f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24824", "type": "seen", "source": "https://t.me/GithubRedTeam/91154", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #Exploit #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a graylog-cve-2024-24824-exploit\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a rootkiTED\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-29 13:57:03\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nProof-of-concept exploit for CVE-2023-24824 demonstrating how an arbitrary class loading primitive can be transformed into remote code execution on vulnerable Graylog deployments.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:17.385605Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/db922dd7-37a5-4e37-a897-063a7b9437f5/export"/>
    <published>2026-07-13T22:00:17.385605+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/105d870a-2ffe-4422-9d88-d984c6aa5c32/export</id>
    <title>105d870a-2ffe-4422-9d88-d984c6aa5c32</title>
    <updated>2026-07-16T12:11:22.601143+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "105d870a-2ffe-4422-9d88-d984c6aa5c32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24824", "type": "seen", "source": "https://t.me/GithubRedTeam/91144", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #Exploit #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a graylog-cve-2023-24824-exploit\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a rootkiTED\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-29 12:59:02\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nProof-of-concept exploit for CVE-2023-24824 demonstrating how an arbitrary class loading primitive can be transformed into remote code execution on vulnerable Graylog deployments.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-07-13T22:00:17.295368Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/105d870a-2ffe-4422-9d88-d984c6aa5c32/export"/>
    <published>2026-07-13T22:00:17.295368+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5bde4cfb-5718-4ea4-9839-8b6923f8ab1f/export</id>
    <title>5bde4cfb-5718-4ea4-9839-8b6923f8ab1f</title>
    <updated>2026-07-16T12:11:22.601241+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5bde4cfb-5718-4ea4-9839-8b6923f8ab1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24829", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9147", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-24829\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component from 0.13.0 before 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database.\n\nThis problem is fixed from version 0.13.3 of iotdb-web-workbench onwards.\n\n\n\n\ud83d\udccf Published: 2023-01-31T09:22:41.587Z\n\ud83d\udccf Modified: 2025-03-27T17:13:42.494Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/l0b59hh046tyn4gqot0bdrpg8gxlksmo", "creation_timestamp": "2025-03-27T17:26:35.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5bde4cfb-5718-4ea4-9839-8b6923f8ab1f/export"/>
    <published>2025-03-27T17:26:35+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/dc3bf2fb-76cc-46f4-912c-0f8c54a0a314/export</id>
    <title>dc3bf2fb-76cc-46f4-912c-0f8c54a0a314</title>
    <updated>2026-07-16T12:11:22.601340+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "dc3bf2fb-76cc-46f4-912c-0f8c54a0a314", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24826", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1165", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-24826\n\ud83d\udd39 Description: RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send crafted frames to the device to trigger the usage of an uninitialized object leading to denial of service. This issue is fixed in version 2023.04. As a workaround, disable fragment forwarding or SFR.\n\ud83d\udccf Published: 2023-05-30T16:07:45.208Z\n\ud83d\udccf Modified: 2025-01-10T16:54:54.059Z\n\ud83d\udd17 References:\n1. https://github.com/RIOT-OS/RIOT/security/advisories/GHSA-xfj4-9g7w-f4gh\n2. https://github.com/RIOT-OS/RIOT/commit/287f030af20e829469cdf740606148018a5a220d\n3. https://github.com/RIOT-OS/RIOT/blob/ccbb304eae7b59e8aca24a6ffd095b5b3f7720ee/sys/net/gnrc/network_layer/sixlowpan/frag/sfr/gnrc_sixlowpan_frag_sfr.c#L402\n4. https://github.com/RIOT-OS/RIOT/blob/ccbb304eae7b59e8aca24a6ffd095b5b3f7720ee/sys/net/gnrc/network_layer/sixlowpan/frag/sfr/gnrc_sixlowpan_frag_sfr.c#L420", "creation_timestamp": "2025-01-10T17:03:32.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/dc3bf2fb-76cc-46f4-912c-0f8c54a0a314/export"/>
    <published>2025-01-10T17:03:32+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a10df98f-c020-49d6-a1a7-d1c4b5db553c/export</id>
    <title>a10df98f-c020-49d6-a1a7-d1c4b5db553c</title>
    <updated>2026-07-16T12:11:22.601444+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a10df98f-c020-49d6-a1a7-d1c4b5db553c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24825", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1164", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-24825\n\ud83d\udd39 Description: RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device to trigger a NULL pointer dereference leading to denial of service. This issue is fixed in version 2023.04. There are no known workarounds.\n\ud83d\udccf Published: 2023-05-30T15:54:49.930Z\n\ud83d\udccf Modified: 2025-01-10T16:55:33.480Z\n\ud83d\udd17 References:\n1. https://github.com/RIOT-OS/RIOT/security/advisories/GHSA-xqm8-xj74-fjw2\n2. https://github.com/RIOT-OS/RIOT/commit/0c522075445a62ce3102e141573ecc2788521897\n3. https://github.com/RIOT-OS/RIOT/blob/2022.10-branch/sys/net/gnrc/network_layer/sixlowpan/frag/rb/gnrc_sixlowpan_frag_rb.c#L416\n4. https://github.com/RIOT-OS/RIOT/blob/2022.10-branch/sys/net/gnrc/network_layer/sixlowpan/frag/rb/gnrc_sixlowpan_frag_rb.c#L429\n5. https://github.com/RIOT-OS/RIOT/blob/2022.10-branch/sys/net/gnrc/network_layer/sixlowpan/iphc/gnrc_sixlowpan_iphc.c#L729\n6. https://github.com/RIOT-OS/RIOT/blob/2022.10-branch/sys/net/gnrc/network_layer/sixlowpan/iphc/gnrc_sixlowpan_iphc.c#L761\n7. https://github.com/RIOT-OS/RIOT/blob/ccbb304eae7b59e8aca24a6ffd095b5b3f7720ee/sys/net/gnrc/pktbuf_static/gnrc_pktbuf_static.c#L169", "creation_timestamp": "2025-01-10T17:03:29.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a10df98f-c020-49d6-a1a7-d1c4b5db553c/export"/>
    <published>2025-01-10T17:03:29+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/93faa083-ca24-4141-9dbf-0a8ee74caf61/export</id>
    <title>93faa083-ca24-4141-9dbf-0a8ee74caf61</title>
    <updated>2026-07-16T12:11:22.601546+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "93faa083-ca24-4141-9dbf-0a8ee74caf61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24823", "type": "seen", "source": "https://t.me/cibsecurity/62733", "content": "\u203c CVE-2023-24823 \u203c\n\nRIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a type confusion between IPv6 extension headers and a UDP header. This occurs while encoding a 6LoWPAN IPHC header. The type confusion manifests in an out of bounds write in the packet buffer. The overflow can be used to corrupt other packets and the allocator metadata. Corrupting a pointer will easily lead to denial of service. While carefully manipulating the allocator metadata gives an attacker the possibility to write data to arbitrary locations and thus execute arbitrary code. Version 2022.10 fixes this issue. As a workaround, apply the patches manually.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T20:19:34.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/93faa083-ca24-4141-9dbf-0a8ee74caf61/export"/>
    <published>2023-04-24T20:19:34+00:00</published>
  </entry>
</feed>
