https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 23 Jun 2026 19:14:11 +0000 https://vulnerability.circl.lu/sighting/fca4a147-3db6-4eef-a476-a5254e16ea1a/export {"uuid": "fca4a147-3db6-4eef-a476-a5254e16ea1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22311", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2393", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22311\n\ud83d\udd39 Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Private Messages for UserPro. This issue affects Private Messages for UserPro: from n/a through 4.10.0.\n\ud83d\udccf Published: 2025-01-21T13:40:34.218Z\n\ud83d\udccf Modified: 2025-01-21T13:40:34.218Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/userpro-messaging/vulnerability/wordpress-private-messages-for-userpro-plugin-4-10-0-local-file-inclusion-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-21T14:01:42.000000Z"} {"uuid": "fca4a147-3db6-4eef-a476-a5254e16ea1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22311", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2393", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22311\n\ud83d\udd39 Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Private Messages for UserPro. This issue affects Private Messages for UserPro: from n/a through 4.10.0.\n\ud83d\udccf Published: 2025-01-21T13:40:34.218Z\n\ud83d\udccf Modified: 2025-01-21T13:40:34.218Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/userpro-messaging/vulnerability/wordpress-private-messages-for-userpro-plugin-4-10-0-local-file-inclusion-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-21T14:01:42.000000Z"} https://vulnerability.circl.lu/sighting/fca4a147-3db6-4eef-a476-a5254e16ea1a/export Tue, 21 Jan 2025 14:01:42 +0000 https://vulnerability.circl.lu/sighting/f7e4f78f-82e0-45f8-bc96-595cfcbc78c9/export {"uuid": "f7e4f78f-82e0-45f8-bc96-595cfcbc78c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22311", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgb24s6b6j2r", "content": "", "creation_timestamp": "2025-01-21T14:16:23.319868Z"} {"uuid": "f7e4f78f-82e0-45f8-bc96-595cfcbc78c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22311", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgb24s6b6j2r", "content": "", "creation_timestamp": "2025-01-21T14:16:23.319868Z"} https://vulnerability.circl.lu/sighting/f7e4f78f-82e0-45f8-bc96-595cfcbc78c9/export Tue, 21 Jan 2025 14:16:23 +0000 https://vulnerability.circl.lu/sighting/d7e65475-ac38-4fe7-a278-db5d2ef83bd9/export {"uuid": "d7e65475-ac38-4fe7-a278-db5d2ef83bd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22318", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgb24ufyq62j", "content": "", "creation_timestamp": "2025-01-21T14:16:25.462580Z"} {"uuid": "d7e65475-ac38-4fe7-a278-db5d2ef83bd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22318", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgb24ufyq62j", "content": "", "creation_timestamp": "2025-01-21T14:16:25.462580Z"} https://vulnerability.circl.lu/sighting/d7e65475-ac38-4fe7-a278-db5d2ef83bd9/export Tue, 21 Jan 2025 14:16:25 +0000 https://vulnerability.circl.lu/sighting/8c25e5f4-bbdf-4663-8614-49cac93741a1/export {"uuid": "8c25e5f4-bbdf-4663-8614-49cac93741a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22311", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866820118163627", "content": "", "creation_timestamp": "2025-01-21T14:29:49.938831Z"} {"uuid": "8c25e5f4-bbdf-4663-8614-49cac93741a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22311", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866820118163627", "content": "", "creation_timestamp": "2025-01-21T14:29:49.938831Z"} https://vulnerability.circl.lu/sighting/8c25e5f4-bbdf-4663-8614-49cac93741a1/export Tue, 21 Jan 2025 14:29:49 +0000 https://vulnerability.circl.lu/sighting/31218120-07f8-4d4c-b04b-e9097e2480a2/export {"uuid": "31218120-07f8-4d4c-b04b-e9097e2480a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22318", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866820132800743", "content": "", "creation_timestamp": "2025-01-21T14:29:50.158830Z"} {"uuid": "31218120-07f8-4d4c-b04b-e9097e2480a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22318", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866820132800743", "content": "", "creation_timestamp": "2025-01-21T14:29:50.158830Z"} https://vulnerability.circl.lu/sighting/31218120-07f8-4d4c-b04b-e9097e2480a2/export Tue, 21 Jan 2025 14:29:50 +0000 https://vulnerability.circl.lu/sighting/7df703a6-8301-4275-8aa9-fe30b1bdd47f/export {"uuid": "7df703a6-8301-4275-8aa9-fe30b1bdd47f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22318", "type": "seen", "source": "https://t.me/cvedetector/15968", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-22318 - Eniture Technology Standard Box Sizes WooCommerce Missing Authorization Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-22318 \nPublished : Jan. 21, 2025, 2:15 p.m. | 42\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Eniture Technology Standard Box Sizes \u2013 for WooCommerce. This issue affects Standard Box Sizes \u2013 for WooCommerce: from n/a through 1.6.13. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T16:08:07.000000Z"} {"uuid": "7df703a6-8301-4275-8aa9-fe30b1bdd47f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22318", "type": "seen", "source": "https://t.me/cvedetector/15968", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-22318 - Eniture Technology Standard Box Sizes WooCommerce Missing Authorization Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-22318 \nPublished : Jan. 21, 2025, 2:15 p.m. | 42\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Eniture Technology Standard Box Sizes \u2013 for WooCommerce. This issue affects Standard Box Sizes \u2013 for WooCommerce: from n/a through 1.6.13. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T16:08:07.000000Z"} https://vulnerability.circl.lu/sighting/7df703a6-8301-4275-8aa9-fe30b1bdd47f/export Tue, 21 Jan 2025 16:08:07 +0000 https://vulnerability.circl.lu/sighting/a450072a-e466-4ab6-9d26-cd173de70f6d/export {"uuid": "a450072a-e466-4ab6-9d26-cd173de70f6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-129/", "content": "", "creation_timestamp": "2025-03-12T04:00:00.000000Z"} {"uuid": "a450072a-e466-4ab6-9d26-cd173de70f6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-129/", "content": "", "creation_timestamp": "2025-03-12T04:00:00.000000Z"} https://vulnerability.circl.lu/sighting/a450072a-e466-4ab6-9d26-cd173de70f6d/export Wed, 12 Mar 2025 04:00:00 +0000 https://vulnerability.circl.lu/sighting/d19d1bb9-9148-4c37-a50f-ca7f4fd5d830/export {"uuid": "d19d1bb9-9148-4c37-a50f-ca7f4fd5d830", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8525", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2231\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_0, Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of RTF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25473.\n\ud83d\udccf Published: 2025-03-24T19:45:42.198Z\n\ud83d\udccf Modified: 2025-03-24T20:05:31.236Z\n\ud83d\udd17 References:\n1. https://www.zerodayinitiative.com/advisories/ZDI-25-129/\n2. https://www.pdf-xchange.com/support/security-bulletins.html", "creation_timestamp": "2025-03-24T20:23:40.000000Z"} {"uuid": "d19d1bb9-9148-4c37-a50f-ca7f4fd5d830", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8525", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2231\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_0, Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of RTF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25473.\n\ud83d\udccf Published: 2025-03-24T19:45:42.198Z\n\ud83d\udccf Modified: 2025-03-24T20:05:31.236Z\n\ud83d\udd17 References:\n1. https://www.zerodayinitiative.com/advisories/ZDI-25-129/\n2. https://www.pdf-xchange.com/support/security-bulletins.html", "creation_timestamp": "2025-03-24T20:23:40.000000Z"} https://vulnerability.circl.lu/sighting/d19d1bb9-9148-4c37-a50f-ca7f4fd5d830/export Mon, 24 Mar 2025 20:23:40 +0000 https://vulnerability.circl.lu/sighting/80c35471-7376-4368-931f-0a92d371e78a/export {"uuid": "80c35471-7376-4368-931f-0a92d371e78a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "seen", "source": "https://t.me/cvedetector/20992", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2231 - PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2231 \nPublished : March 24, 2025, 8:15 p.m. | 1\u00a0hour, 6\u00a0minutes ago \nDescription : PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. \n \nThe specific flaw exists within the parsing of RTF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25473. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T22:35:04.000000Z"} {"uuid": "80c35471-7376-4368-931f-0a92d371e78a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "seen", "source": "https://t.me/cvedetector/20992", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2231 - PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2231 \nPublished : March 24, 2025, 8:15 p.m. | 1\u00a0hour, 6\u00a0minutes ago \nDescription : PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. \n \nThe specific flaw exists within the parsing of RTF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25473. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T22:35:04.000000Z"} https://vulnerability.circl.lu/sighting/80c35471-7376-4368-931f-0a92d371e78a/export Mon, 24 Mar 2025 22:35:04 +0000 https://vulnerability.circl.lu/sighting/f5dabbec-b133-4bd6-a526-4995bca0535f/export {"uuid": "f5dabbec-b133-4bd6-a526-4995bca0535f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll5t67fkg52m", "content": "", "creation_timestamp": "2025-03-24T22:39:55.082808Z"} {"uuid": "f5dabbec-b133-4bd6-a526-4995bca0535f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2231", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll5t67fkg52m", "content": "", "creation_timestamp": "2025-03-24T22:39:55.082808Z"} https://vulnerability.circl.lu/sighting/f5dabbec-b133-4bd6-a526-4995bca0535f/export Mon, 24 Mar 2025 22:39:55 +0000