https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 15 Jun 2026 03:09:09 +0000 https://vulnerability.circl.lu/sighting/90396520-6c6a-4580-8905-99e49f617224/export {"uuid": "90396520-6c6a-4580-8905-99e49f617224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23696", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo5xkckm2f", "content": "", "creation_timestamp": "2025-01-22T15:20:16.642127Z"} {"uuid": "90396520-6c6a-4580-8905-99e49f617224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23696", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo5xkckm2f", "content": "", "creation_timestamp": "2025-01-22T15:20:16.642127Z"} https://vulnerability.circl.lu/sighting/90396520-6c6a-4580-8905-99e49f617224/export Wed, 22 Jan 2025 15:20:16 +0000 https://vulnerability.circl.lu/sighting/66b6d988-5e19-40ac-bd2c-a5bbf4350199/export {"uuid": "66b6d988-5e19-40ac-bd2c-a5bbf4350199", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23697", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo625alr2x", "content": "", "creation_timestamp": "2025-01-22T15:20:19.656243Z"} {"uuid": "66b6d988-5e19-40ac-bd2c-a5bbf4350199", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23697", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo625alr2x", "content": "", "creation_timestamp": "2025-01-22T15:20:19.656243Z"} https://vulnerability.circl.lu/sighting/66b6d988-5e19-40ac-bd2c-a5bbf4350199/export Wed, 22 Jan 2025 15:20:19 +0000 https://vulnerability.circl.lu/sighting/ee70da5f-7eb7-4d39-8306-c5fdb8f669dc/export {"uuid": "ee70da5f-7eb7-4d39-8306-c5fdb8f669dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23696", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2569", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23696\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Staging CDN allows Reflected XSS. This issue affects Staging CDN: from n/a through 1.0.0.\n\ud83d\udccf Published: 2025-01-22T14:29:19.831Z\n\ud83d\udccf Modified: 2025-01-22T15:17:26.494Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/staging-cdn/vulnerability/wordpress-staging-cdn-plugin-1-0-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-22T16:01:58.000000Z"} {"uuid": "ee70da5f-7eb7-4d39-8306-c5fdb8f669dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23696", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2569", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23696\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Staging CDN allows Reflected XSS. This issue affects Staging CDN: from n/a through 1.0.0.\n\ud83d\udccf Published: 2025-01-22T14:29:19.831Z\n\ud83d\udccf Modified: 2025-01-22T15:17:26.494Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/staging-cdn/vulnerability/wordpress-staging-cdn-plugin-1-0-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-22T16:01:58.000000Z"} https://vulnerability.circl.lu/sighting/ee70da5f-7eb7-4d39-8306-c5fdb8f669dc/export Wed, 22 Jan 2025 16:01:58 +0000 https://vulnerability.circl.lu/sighting/cff48d25-b4bf-488e-b4ab-f2cce2267c3b/export {"uuid": "cff48d25-b4bf-488e-b4ab-f2cce2267c3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23695", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2568", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23695\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound CtyGrid Hyp3rL0cal Search allows Reflected XSS. This issue affects CtyGrid Hyp3rL0cal Search: from n/a through 0.1.1.1.\n\ud83d\udccf Published: 2025-01-22T14:29:19.683Z\n\ud83d\udccf Modified: 2025-01-22T15:19:44.029Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/hyp3rl0cal-city-search/vulnerability/wordpress-ctygrid-hyp3rl0cal-search-plugin-0-1-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-22T16:01:58.000000Z"} {"uuid": "cff48d25-b4bf-488e-b4ab-f2cce2267c3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23695", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2568", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23695\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound CtyGrid Hyp3rL0cal Search allows Reflected XSS. This issue affects CtyGrid Hyp3rL0cal Search: from n/a through 0.1.1.1.\n\ud83d\udccf Published: 2025-01-22T14:29:19.683Z\n\ud83d\udccf Modified: 2025-01-22T15:19:44.029Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/hyp3rl0cal-city-search/vulnerability/wordpress-ctygrid-hyp3rl0cal-search-plugin-0-1-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-22T16:01:58.000000Z"} https://vulnerability.circl.lu/sighting/cff48d25-b4bf-488e-b4ab-f2cce2267c3b/export Wed, 22 Jan 2025 16:01:58 +0000 https://vulnerability.circl.lu/sighting/b753c273-96db-4a2a-80c5-424c4078fc61/export {"uuid": "b753c273-96db-4a2a-80c5-424c4078fc61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23697", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2570", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23697\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebDeal s.r.o. Pod\u010dl\u00e1nkov\u00e1 inzerce allows Reflected XSS. This issue affects Pod\u010dl\u00e1nkov\u00e1 inzerce: from n/a through 2.4.0.\n\ud83d\udccf Published: 2025-01-22T14:29:19.982Z\n\ud83d\udccf Modified: 2025-01-22T15:15:38.244Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/podclankova-inzerce/vulnerability/wordpress-podclankova-inzerce-plugin-2-4-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-22T16:01:59.000000Z"} {"uuid": "b753c273-96db-4a2a-80c5-424c4078fc61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23697", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2570", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23697\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebDeal s.r.o. Pod\u010dl\u00e1nkov\u00e1 inzerce allows Reflected XSS. This issue affects Pod\u010dl\u00e1nkov\u00e1 inzerce: from n/a through 2.4.0.\n\ud83d\udccf Published: 2025-01-22T14:29:19.982Z\n\ud83d\udccf Modified: 2025-01-22T15:15:38.244Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/podclankova-inzerce/vulnerability/wordpress-podclankova-inzerce-plugin-2-4-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-01-22T16:01:59.000000Z"} https://vulnerability.circl.lu/sighting/b753c273-96db-4a2a-80c5-424c4078fc61/export Wed, 22 Jan 2025 16:01:59 +0000 https://vulnerability.circl.lu/sighting/06ece3e6-b977-469f-8331-16e993d95be8/export {"uuid": "06ece3e6-b977-469f-8331-16e993d95be8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2369", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7745", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2369\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument admpass leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-17T08:31:07.147Z\n\ud83d\udccf Modified: 2025-03-17T08:31:07.147Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299868\n2. https://vuldb.com/?ctiid.299868\n3. https://vuldb.com/?submit.515328\n4. https://github.com/kn0sky/cve/blob/main/TOTOLINK%20EX1800T/Stack-based%20Buffer%20Overflow%2002%20setPasswordCfg-_admpass.md\n5. https://www.totolink.net/", "creation_timestamp": "2025-03-17T08:46:46.000000Z"} {"uuid": "06ece3e6-b977-469f-8331-16e993d95be8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2369", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7745", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2369\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument admpass leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-17T08:31:07.147Z\n\ud83d\udccf Modified: 2025-03-17T08:31:07.147Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299868\n2. https://vuldb.com/?ctiid.299868\n3. https://vuldb.com/?submit.515328\n4. https://github.com/kn0sky/cve/blob/main/TOTOLINK%20EX1800T/Stack-based%20Buffer%20Overflow%2002%20setPasswordCfg-_admpass.md\n5. https://www.totolink.net/", "creation_timestamp": "2025-03-17T08:46:46.000000Z"} https://vulnerability.circl.lu/sighting/06ece3e6-b977-469f-8331-16e993d95be8/export Mon, 17 Mar 2025 08:46:46 +0000 https://vulnerability.circl.lu/sighting/4c3d8c1f-cf1f-4c87-a6dd-5cf00996ac64/export {"uuid": "4c3d8c1f-cf1f-4c87-a6dd-5cf00996ac64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2369", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkkuolnn6s2j", "content": "", "creation_timestamp": "2025-03-17T09:46:22.518965Z"} {"uuid": "4c3d8c1f-cf1f-4c87-a6dd-5cf00996ac64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2369", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkkuolnn6s2j", "content": "", "creation_timestamp": "2025-03-17T09:46:22.518965Z"} https://vulnerability.circl.lu/sighting/4c3d8c1f-cf1f-4c87-a6dd-5cf00996ac64/export Mon, 17 Mar 2025 09:46:22 +0000 https://vulnerability.circl.lu/sighting/a51bc296-cf31-4897-9812-135e4afb306a/export {"uuid": "a51bc296-cf31-4897-9812-135e4afb306a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2369", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114177140451809805", "content": "", "creation_timestamp": "2025-03-17T09:48:22.642502Z"} {"uuid": "a51bc296-cf31-4897-9812-135e4afb306a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2369", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114177140451809805", "content": "", "creation_timestamp": "2025-03-17T09:48:22.642502Z"} https://vulnerability.circl.lu/sighting/a51bc296-cf31-4897-9812-135e4afb306a/export Mon, 17 Mar 2025 09:48:22 +0000 https://vulnerability.circl.lu/sighting/c058fb31-dd2d-4a07-9a5e-7eb557a47f39/export {"uuid": "c058fb31-dd2d-4a07-9a5e-7eb557a47f39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2369", "type": "seen", "source": "https://t.me/cvedetector/20444", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2369 - TOTOLINK EX1800T Stack-Based Buffer Overflow Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2369 \nPublished : March 17, 2025, 9:15 a.m. | 22\u00a0minutes ago \nDescription : A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument admpass leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T10:46:31.000000Z"} {"uuid": "c058fb31-dd2d-4a07-9a5e-7eb557a47f39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2369", "type": "seen", "source": "https://t.me/cvedetector/20444", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2369 - TOTOLINK EX1800T Stack-Based Buffer Overflow Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2369 \nPublished : March 17, 2025, 9:15 a.m. | 22\u00a0minutes ago \nDescription : A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument admpass leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T10:46:31.000000Z"} https://vulnerability.circl.lu/sighting/c058fb31-dd2d-4a07-9a5e-7eb557a47f39/export Mon, 17 Mar 2025 10:46:31 +0000 https://vulnerability.circl.lu/sighting/d671b776-5e8b-4331-bef9-0bdf75b0a1ac/export {"uuid": "d671b776-5e8b-4331-bef9-0bdf75b0a1ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2369", "type": "published-proof-of-concept", "source": "Telegram/k7Kg0Fyynw9AKxEWFZkxiubMrImY9Z1md51Ry-eSmZoqHAo", "content": "", "creation_timestamp": "2025-03-17T11:00:36.000000Z"} {"uuid": "d671b776-5e8b-4331-bef9-0bdf75b0a1ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2369", "type": "published-proof-of-concept", "source": "Telegram/k7Kg0Fyynw9AKxEWFZkxiubMrImY9Z1md51Ry-eSmZoqHAo", "content": "", "creation_timestamp": "2025-03-17T11:00:36.000000Z"} https://vulnerability.circl.lu/sighting/d671b776-5e8b-4331-bef9-0bdf75b0a1ac/export Mon, 17 Mar 2025 11:00:36 +0000