<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 11 Jul 2026 22:08:30 +0000</lastBuildDate>
    <item>
      <title>c7662516-ca68-4fd4-9757-0513ce9e48ed</title>
      <link>https://vulnerability.circl.lu/sighting/c7662516-ca68-4fd4-9757-0513ce9e48ed/export</link>
      <description>{"uuid": "c7662516-ca68-4fd4-9757-0513ce9e48ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27280", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lxypug2e6n2m", "content": "", "creation_timestamp": "2025-09-04T08:24:56.711931Z"}</description>
      <content:encoded>{"uuid": "c7662516-ca68-4fd4-9757-0513ce9e48ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27280", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lxypug2e6n2m", "content": "", "creation_timestamp": "2025-09-04T08:24:56.711931Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c7662516-ca68-4fd4-9757-0513ce9e48ed/export</guid>
      <pubDate>Thu, 04 Sep 2025 08:24:56 +0000</pubDate>
    </item>
    <item>
      <title>e82e9052-3e9e-43d5-a363-2567d4304eca</title>
      <link>https://vulnerability.circl.lu/sighting/e82e9052-3e9e-43d5-a363-2567d4304eca/export</link>
      <description>{"uuid": "e82e9052-3e9e-43d5-a363-2567d4304eca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27280", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lxypufufp42a", "content": "", "creation_timestamp": "2025-09-04T08:24:56.187880Z"}</description>
      <content:encoded>{"uuid": "e82e9052-3e9e-43d5-a363-2567d4304eca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27280", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lxypufufp42a", "content": "", "creation_timestamp": "2025-09-04T08:24:56.187880Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e82e9052-3e9e-43d5-a363-2567d4304eca/export</guid>
      <pubDate>Thu, 04 Sep 2025 08:24:56 +0000</pubDate>
    </item>
    <item>
      <title>d24ea0c9-46e8-4d7e-bdb8-f83ae5823145</title>
      <link>https://vulnerability.circl.lu/sighting/d24ea0c9-46e8-4d7e-bdb8-f83ae5823145/export</link>
      <description>{"uuid": "d24ea0c9-46e8-4d7e-bdb8-f83ae5823145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27280", "type": "seen", "source": "https://gist.github.com/Darkcrai86/eab514179e35f9b7c85e65f86f245ffe", "content": "", "creation_timestamp": "2025-09-04T07:09:54.000000Z"}</description>
      <content:encoded>{"uuid": "d24ea0c9-46e8-4d7e-bdb8-f83ae5823145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27280", "type": "seen", "source": "https://gist.github.com/Darkcrai86/eab514179e35f9b7c85e65f86f245ffe", "content": "", "creation_timestamp": "2025-09-04T07:09:54.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d24ea0c9-46e8-4d7e-bdb8-f83ae5823145/export</guid>
      <pubDate>Thu, 04 Sep 2025 07:09:54 +0000</pubDate>
    </item>
    <item>
      <title>3c45552e-1500-4993-b7a3-d8c6b2ceeecc</title>
      <link>https://vulnerability.circl.lu/sighting/3c45552e-1500-4993-b7a3-d8c6b2ceeecc/export</link>
      <description>{"uuid": "3c45552e-1500-4993-b7a3-d8c6b2ceeecc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27289", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18197", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-27289\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for a string value after the first placeholder; both must be on the same line; and both parameter values must be user-controlled. The problem is resolved in v4.18.2. As a workaround, do not use the simple protocol or do not place a minus directly before a placeholder.\n\n\ud83d\udccf Published: 2024-03-06T18:28:12.291Z\n\ud83d\udccf Modified: 2025-06-12T15:45:56.361Z\n\ud83d\udd17 References:\n1. https://github.com/jackc/pgx/security/advisories/GHSA-m7wr-2xf7-cm9p\n2. https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df", "creation_timestamp": "2025-06-12T16:34:39.000000Z"}</description>
      <content:encoded>{"uuid": "3c45552e-1500-4993-b7a3-d8c6b2ceeecc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27289", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18197", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-27289\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for a string value after the first placeholder; both must be on the same line; and both parameter values must be user-controlled. The problem is resolved in v4.18.2. As a workaround, do not use the simple protocol or do not place a minus directly before a placeholder.\n\n\ud83d\udccf Published: 2024-03-06T18:28:12.291Z\n\ud83d\udccf Modified: 2025-06-12T15:45:56.361Z\n\ud83d\udd17 References:\n1. https://github.com/jackc/pgx/security/advisories/GHSA-m7wr-2xf7-cm9p\n2. https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df", "creation_timestamp": "2025-06-12T16:34:39.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3c45552e-1500-4993-b7a3-d8c6b2ceeecc/export</guid>
      <pubDate>Thu, 12 Jun 2025 16:34:39 +0000</pubDate>
    </item>
    <item>
      <title>f69ff11e-3678-4c1c-b851-04f799cf2f24</title>
      <link>https://vulnerability.circl.lu/sighting/f69ff11e-3678-4c1c-b851-04f799cf2f24/export</link>
      <description>{"uuid": "f69ff11e-3678-4c1c-b851-04f799cf2f24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27280", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14628", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-27280\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fixed version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1, and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2.\n\ud83d\udccf Published: 2024-05-08T20:51:20.388Z\n\ud83d\udccf Modified: 2025-05-02T23:02:57.276Z\n\ud83d\udd17 References:\n1. https://hackerone.com/reports/1399856\n2. https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/", "creation_timestamp": "2025-05-02T23:17:22.000000Z"}</description>
      <content:encoded>{"uuid": "f69ff11e-3678-4c1c-b851-04f799cf2f24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27280", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14628", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-27280\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fixed version; however, for Ruby 3.0 users, a fixed version is stringio 3.0.1.1, and for Ruby 3.1 users, a fixed version is stringio 3.0.1.2.\n\ud83d\udccf Published: 2024-05-08T20:51:20.388Z\n\ud83d\udccf Modified: 2025-05-02T23:02:57.276Z\n\ud83d\udd17 References:\n1. https://hackerone.com/reports/1399856\n2. https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/", "creation_timestamp": "2025-05-02T23:17:22.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f69ff11e-3678-4c1c-b851-04f799cf2f24/export</guid>
      <pubDate>Fri, 02 May 2025 23:17:22 +0000</pubDate>
    </item>
    <item>
      <title>eec46ff8-6175-4246-98ad-011bfaa5ea85</title>
      <link>https://vulnerability.circl.lu/sighting/eec46ff8-6175-4246-98ad-011bfaa5ea85/export</link>
      <description>{"uuid": "eec46ff8-6175-4246-98ad-011bfaa5ea85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27285", "type": "seen", "source": "Telegram/vIV9PPO6Am2zmE2Ef3XN_srB_1fvDP2jMdpYYvAxR-tC_qVm", "content": "", "creation_timestamp": "2025-02-14T21:08:30.000000Z"}</description>
      <content:encoded>{"uuid": "eec46ff8-6175-4246-98ad-011bfaa5ea85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27285", "type": "seen", "source": "Telegram/vIV9PPO6Am2zmE2Ef3XN_srB_1fvDP2jMdpYYvAxR-tC_qVm", "content": "", "creation_timestamp": "2025-02-14T21:08:30.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/eec46ff8-6175-4246-98ad-011bfaa5ea85/export</guid>
      <pubDate>Fri, 14 Feb 2025 21:08:30 +0000</pubDate>
    </item>
    <item>
      <title>a71bdabe-8dd2-45e7-b8b0-dc86a2e237e3</title>
      <link>https://vulnerability.circl.lu/sighting/a71bdabe-8dd2-45e7-b8b0-dc86a2e237e3/export</link>
      <description>{"uuid": "a71bdabe-8dd2-45e7-b8b0-dc86a2e237e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27288", "type": "seen", "source": "Telegram/LFLPvuZzRQRoOn1F_UxiZYwTQ6YBbfUdInggOWtZp80oYioq", "content": "", "creation_timestamp": "2025-02-14T10:03:10.000000Z"}</description>
      <content:encoded>{"uuid": "a71bdabe-8dd2-45e7-b8b0-dc86a2e237e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27288", "type": "seen", "source": "Telegram/LFLPvuZzRQRoOn1F_UxiZYwTQ6YBbfUdInggOWtZp80oYioq", "content": "", "creation_timestamp": "2025-02-14T10:03:10.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a71bdabe-8dd2-45e7-b8b0-dc86a2e237e3/export</guid>
      <pubDate>Fri, 14 Feb 2025 10:03:10 +0000</pubDate>
    </item>
    <item>
      <title>aa0ad5b2-2a24-41cc-8b74-b99b9bcded6e</title>
      <link>https://vulnerability.circl.lu/sighting/aa0ad5b2-2a24-41cc-8b74-b99b9bcded6e/export</link>
      <description>{"uuid": "aa0ad5b2-2a24-41cc-8b74-b99b9bcded6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27282", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7631", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367\nURL\uff1ahttps://github.com/Abo5/CVE-2024-27282\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-12T23:57:02.000000Z"}</description>
      <content:encoded>{"uuid": "aa0ad5b2-2a24-41cc-8b74-b99b9bcded6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27282", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7631", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367\nURL\uff1ahttps://github.com/Abo5/CVE-2024-27282\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-12T23:57:02.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/aa0ad5b2-2a24-41cc-8b74-b99b9bcded6e/export</guid>
      <pubDate>Wed, 12 Jun 2024 23:57:02 +0000</pubDate>
    </item>
    <item>
      <title>048bdb92-f521-40f9-96e7-b3671774311c</title>
      <link>https://vulnerability.circl.lu/sighting/048bdb92-f521-40f9-96e7-b3671774311c/export</link>
      <description>{"uuid": "048bdb92-f521-40f9-96e7-b3671774311c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27280", "type": "seen", "source": "https://t.me/breachdetector/498859", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2024-27280: Buffer Overread Vulnerability in StringIO ~ Ruby\", \n  \"author\": \" (Bunjo)\",\n  \"Detection Date\": \"17 Apr 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-04-17T23:34:58.000000Z"}</description>
      <content:encoded>{"uuid": "048bdb92-f521-40f9-96e7-b3671774311c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27280", "type": "seen", "source": "https://t.me/breachdetector/498859", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2024-27280: Buffer Overread Vulnerability in StringIO ~ Ruby\", \n  \"author\": \" (Bunjo)\",\n  \"Detection Date\": \"17 Apr 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-04-17T23:34:58.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/048bdb92-f521-40f9-96e7-b3671774311c/export</guid>
      <pubDate>Wed, 17 Apr 2024 23:34:58 +0000</pubDate>
    </item>
    <item>
      <title>085c7273-a083-4163-acd1-1728b4575d3b</title>
      <link>https://vulnerability.circl.lu/sighting/085c7273-a083-4163-acd1-1728b4575d3b/export</link>
      <description>{"uuid": "085c7273-a083-4163-acd1-1728b4575d3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27287", "type": "seen", "source": "https://t.me/arpsyndicate/4624", "content": "#ExploitObserverAlert\n\nCVE-2024-29019\n\nDESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-29019. ESPHome is a system to control microcontrollers remotely through Home Automation systems. API endpoints in dashboard component of ESPHome version 2023.12.9 (command line installation) are vulnerable to Cross-Site Request Forgery (CSRF) allowing remote attackers to carry out attacks against a logged user of the dashboard to perform operations on configuration files (create, edit, delete). It is possible for a malicious actor to create a specifically crafted web page that triggers a cross site request against ESPHome, this allows bypassing the authentication for API calls on the platform. This vulnerability allows bypassing authentication on API calls accessing configuration file operations on the behalf of a logged user. In order to trigger the vulnerability, the victim must visit a weaponized page. In addition to this, it is possible to chain this vulnerability with GHSA-9p43-hj5j-96h5/ CVE-2024-27287 to obtain a complete takeover of the user account. Version 2024.3.0 contains a patch for this issue.\n\nFIRST-EPSS: 0.000430000\nARPS-EXPLOITABILITY: 0.6145687", "creation_timestamp": "2024-04-13T01:34:54.000000Z"}</description>
      <content:encoded>{"uuid": "085c7273-a083-4163-acd1-1728b4575d3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27287", "type": "seen", "source": "https://t.me/arpsyndicate/4624", "content": "#ExploitObserverAlert\n\nCVE-2024-29019\n\nDESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-29019. ESPHome is a system to control microcontrollers remotely through Home Automation systems. API endpoints in dashboard component of ESPHome version 2023.12.9 (command line installation) are vulnerable to Cross-Site Request Forgery (CSRF) allowing remote attackers to carry out attacks against a logged user of the dashboard to perform operations on configuration files (create, edit, delete). It is possible for a malicious actor to create a specifically crafted web page that triggers a cross site request against ESPHome, this allows bypassing the authentication for API calls on the platform. This vulnerability allows bypassing authentication on API calls accessing configuration file operations on the behalf of a logged user. In order to trigger the vulnerability, the victim must visit a weaponized page. In addition to this, it is possible to chain this vulnerability with GHSA-9p43-hj5j-96h5/ CVE-2024-27287 to obtain a complete takeover of the user account. Version 2024.3.0 contains a patch for this issue.\n\nFIRST-EPSS: 0.000430000\nARPS-EXPLOITABILITY: 0.6145687", "creation_timestamp": "2024-04-13T01:34:54.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/085c7273-a083-4163-acd1-1728b4575d3b/export</guid>
      <pubDate>Sat, 13 Apr 2024 01:34:54 +0000</pubDate>
    </item>
  </channel>
</rss>
