https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 25 Jun 2026 00:23:53 +0000 https://vulnerability.circl.lu/sighting/6d4f70a5-7b82-4d61-a21a-6580e8de7669/export {"uuid": "6d4f70a5-7b82-4d61-a21a-6580e8de7669", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27147", "type": "seen", "source": "Telegram/UPegbdrUObQcnilNjDwpJsece7fi6CrosD2C8DpjNeOtPKM", "content": "", "creation_timestamp": "2025-03-25T16:30:59.000000Z"} {"uuid": "6d4f70a5-7b82-4d61-a21a-6580e8de7669", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27147", "type": "seen", "source": "Telegram/UPegbdrUObQcnilNjDwpJsece7fi6CrosD2C8DpjNeOtPKM", "content": "", "creation_timestamp": "2025-03-25T16:30:59.000000Z"} https://vulnerability.circl.lu/sighting/6d4f70a5-7b82-4d61-a21a-6580e8de7669/export Tue, 25 Mar 2025 16:30:59 +0000 https://vulnerability.circl.lu/sighting/7d655d1e-1401-4deb-93cf-5b39c4da5897/export {"uuid": "7d655d1e-1401-4deb-93cf-5b39c4da5897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27147", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll7q2zohr426", "content": "", "creation_timestamp": "2025-03-25T16:49:45.293705Z"} {"uuid": "7d655d1e-1401-4deb-93cf-5b39c4da5897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27147", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll7q2zohr426", "content": "", "creation_timestamp": "2025-03-25T16:49:45.293705Z"} https://vulnerability.circl.lu/sighting/7d655d1e-1401-4deb-93cf-5b39c4da5897/export Tue, 25 Mar 2025 16:49:45 +0000 https://vulnerability.circl.lu/sighting/455d1090-6816-4825-8aae-d3b5844e9570/export {"uuid": "455d1090-6816-4825-8aae-d3b5844e9570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27147", "type": "seen", "source": "https://t.me/cvedetector/21106", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-27147 - GLPI Inventory Plugin Unauthenticated Remote Code Execution\", \n \"Content\": \"CVE ID : CVE-2025-27147 \nPublished : March 25, 2025, 3:15 p.m. | 46\u00a0minutes ago \nDescription : The GLPI Inventory Plugin handles various types of tasks for GLPI agents, including network discovery and inventory (SNMP), software deployment, VMWare ESX host remote inventory, and data collection (files, Windows registry, WMI). Versions prior to 1.5.0 have an improper access control vulnerability. Version 1.5.0 fixes the vulnerability. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"25 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T17:49:14.000000Z"} {"uuid": "455d1090-6816-4825-8aae-d3b5844e9570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27147", "type": "seen", "source": "https://t.me/cvedetector/21106", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-27147 - GLPI Inventory Plugin Unauthenticated Remote Code Execution\", \n \"Content\": \"CVE ID : CVE-2025-27147 \nPublished : March 25, 2025, 3:15 p.m. | 46\u00a0minutes ago \nDescription : The GLPI Inventory Plugin handles various types of tasks for GLPI agents, including network discovery and inventory (SNMP), software deployment, VMWare ESX host remote inventory, and data collection (files, Windows registry, WMI). Versions prior to 1.5.0 have an improper access control vulnerability. Version 1.5.0 fixes the vulnerability. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"25 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T17:49:14.000000Z"} https://vulnerability.circl.lu/sighting/455d1090-6816-4825-8aae-d3b5844e9570/export Tue, 25 Mar 2025 17:49:14 +0000 https://vulnerability.circl.lu/sighting/73c76e32-9f85-451f-b284-ff7a37bc3a4f/export {"uuid": "73c76e32-9f85-451f-b284-ff7a37bc3a4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27149", "type": "seen", "source": "https://t.me/cvedetector/21624", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-27149 - Zulip Server Private Data Disclosure\", \n \"Content\": \"CVE ID : CVE-2025-27149 \nPublished : March 31, 2025, 4:15 p.m. | 48\u00a0minutes ago \nDescription : Zulip server provides an open-source team chat that helps teams stay productive and focused. Prior to 10.0, the data export to organization administrators feature in Zulip leaks private data. The collection of user-agent types identifying specific integrations or HTTP libraries (E.g., ZulipGitlabWebhook, okhttp, or PycURL) that have been used to access any organization on the server was incorrectly included in all three export types, regardless of if they were used to access the exported organization or not. The \"public data\" and \"with consent\" exports metadata including the titles of some topics in private channels which the administrator otherwise did not have access to, and none of the users consented to exporting and metadata for which users were in a group DM together. This vulnerability is fixed in 10.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"31 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T19:12:33.000000Z"} {"uuid": "73c76e32-9f85-451f-b284-ff7a37bc3a4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27149", "type": "seen", "source": "https://t.me/cvedetector/21624", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-27149 - Zulip Server Private Data Disclosure\", \n \"Content\": \"CVE ID : CVE-2025-27149 \nPublished : March 31, 2025, 4:15 p.m. | 48\u00a0minutes ago \nDescription : Zulip server provides an open-source team chat that helps teams stay productive and focused. Prior to 10.0, the data export to organization administrators feature in Zulip leaks private data. The collection of user-agent types identifying specific integrations or HTTP libraries (E.g., ZulipGitlabWebhook, okhttp, or PycURL) that have been used to access any organization on the server was incorrectly included in all three export types, regardless of if they were used to access the exported organization or not. The \"public data\" and \"with consent\" exports metadata including the titles of some topics in private channels which the administrator otherwise did not have access to, and none of the users consented to exporting and metadata for which users were in a group DM together. This vulnerability is fixed in 10.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"31 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T19:12:33.000000Z"} https://vulnerability.circl.lu/sighting/73c76e32-9f85-451f-b284-ff7a37bc3a4f/export Mon, 31 Mar 2025 19:12:33 +0000 https://vulnerability.circl.lu/sighting/33415f64-2afc-4704-a222-ff649613613d/export {"uuid": "33415f64-2afc-4704-a222-ff649613613d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27149", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9757", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27149\n\ud83d\udd25 CVSS Score: 4.6 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Zulip server provides an open-source team chat that helps teams stay productive and focused. Prior to 10.0, the data export to organization administrators feature in Zulip leaks private data. The collection of user-agent types identifying specific integrations or HTTP libraries (E.g., ZulipGitlabWebhook, okhttp, or PycURL) that have been used to access any organization on the server was incorrectly included in all three export types, regardless of if they were used to access the exported organization or not. The \"public data\" and \"with consent\" exports metadata including the titles of some topics in private channels which the administrator otherwise did not have access to, and none of the users consented to exporting and metadata for which users were in a group DM together. This vulnerability is fixed in 10.0.\n\ud83d\udccf Published: 2025-03-31T15:33:38.543Z\n\ud83d\udccf Modified: 2025-03-31T18:36:58.695Z\n\ud83d\udd17 References:\n1. https://github.com/zulip/zulip/security/advisories/GHSA-358p-x39m-99mm", "creation_timestamp": "2025-03-31T19:31:24.000000Z"} {"uuid": "33415f64-2afc-4704-a222-ff649613613d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27149", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9757", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27149\n\ud83d\udd25 CVSS Score: 4.6 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Zulip server provides an open-source team chat that helps teams stay productive and focused. Prior to 10.0, the data export to organization administrators feature in Zulip leaks private data. The collection of user-agent types identifying specific integrations or HTTP libraries (E.g., ZulipGitlabWebhook, okhttp, or PycURL) that have been used to access any organization on the server was incorrectly included in all three export types, regardless of if they were used to access the exported organization or not. The \"public data\" and \"with consent\" exports metadata including the titles of some topics in private channels which the administrator otherwise did not have access to, and none of the users consented to exporting and metadata for which users were in a group DM together. This vulnerability is fixed in 10.0.\n\ud83d\udccf Published: 2025-03-31T15:33:38.543Z\n\ud83d\udccf Modified: 2025-03-31T18:36:58.695Z\n\ud83d\udd17 References:\n1. https://github.com/zulip/zulip/security/advisories/GHSA-358p-x39m-99mm", "creation_timestamp": "2025-03-31T19:31:24.000000Z"} https://vulnerability.circl.lu/sighting/33415f64-2afc-4704-a222-ff649613613d/export Mon, 31 Mar 2025 19:31:24 +0000 https://vulnerability.circl.lu/sighting/dd041733-813b-4dda-8a63-7d04eeeeacf1/export {"uuid": "dd041733-813b-4dda-8a63-7d04eeeeacf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27149", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:44.000000Z"} {"uuid": "dd041733-813b-4dda-8a63-7d04eeeeacf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27149", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:44.000000Z"} https://vulnerability.circl.lu/sighting/dd041733-813b-4dda-8a63-7d04eeeeacf1/export Sun, 10 Aug 2025 18:27:44 +0000 https://vulnerability.circl.lu/sighting/c1b2dcea-351d-4c24-9a08-644996738d2e/export {"uuid": "c1b2dcea-351d-4c24-9a08-644996738d2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27148", "type": "seen", "source": "MISP/af1fbe07-e10c-40c4-844e-d4419bdf6f80", "content": "", "creation_timestamp": "2025-08-22T13:26:18.000000Z"} {"uuid": "c1b2dcea-351d-4c24-9a08-644996738d2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27148", "type": "seen", "source": "MISP/af1fbe07-e10c-40c4-844e-d4419bdf6f80", "content": "", "creation_timestamp": "2025-08-22T13:26:18.000000Z"} https://vulnerability.circl.lu/sighting/c1b2dcea-351d-4c24-9a08-644996738d2e/export Fri, 22 Aug 2025 13:26:18 +0000 https://vulnerability.circl.lu/sighting/bdcd3313-785c-403b-92a8-ac02b279ea26/export {"uuid": "bdcd3313-785c-403b-92a8-ac02b279ea26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27140", "type": "seen", "source": "MISP/24306fae-b16b-4478-9297-d2973cdb583c", "content": "", "creation_timestamp": "2025-08-22T14:52:23.000000Z"} {"uuid": "bdcd3313-785c-403b-92a8-ac02b279ea26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27140", "type": "seen", "source": "MISP/24306fae-b16b-4478-9297-d2973cdb583c", "content": "", "creation_timestamp": "2025-08-22T14:52:23.000000Z"} https://vulnerability.circl.lu/sighting/bdcd3313-785c-403b-92a8-ac02b279ea26/export Fri, 22 Aug 2025 14:52:23 +0000 https://vulnerability.circl.lu/sighting/ce03de4b-a78a-42df-8cf0-196e82be8c96/export {"uuid": "ce03de4b-a78a-42df-8cf0-196e82be8c96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27142", "type": "seen", "source": "MISP/24306fae-b16b-4478-9297-d2973cdb583c", "content": "", "creation_timestamp": "2025-08-22T14:52:23.000000Z"} {"uuid": "ce03de4b-a78a-42df-8cf0-196e82be8c96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27142", "type": "seen", "source": "MISP/24306fae-b16b-4478-9297-d2973cdb583c", "content": "", "creation_timestamp": "2025-08-22T14:52:23.000000Z"} https://vulnerability.circl.lu/sighting/ce03de4b-a78a-42df-8cf0-196e82be8c96/export Fri, 22 Aug 2025 14:52:23 +0000 https://vulnerability.circl.lu/sighting/9421b9b8-262c-4d3f-8a7a-c2cdc4ea5889/export {"uuid": "9421b9b8-262c-4d3f-8a7a-c2cdc4ea5889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27149", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:56.000000Z"} {"uuid": "9421b9b8-262c-4d3f-8a7a-c2cdc4ea5889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27149", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:56.000000Z"} https://vulnerability.circl.lu/sighting/9421b9b8-262c-4d3f-8a7a-c2cdc4ea5889/export Wed, 10 Sep 2025 07:47:56 +0000