<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Mon, 13 Jul 2026 19:31:48 +0000</lastBuildDate>
    <item>
      <title>d4dbb256-856a-47ab-9ce7-e4b20f578464</title>
      <link>https://vulnerability.circl.lu/sighting/d4dbb256-856a-47ab-9ce7-e4b20f578464/export</link>
      <description>{"uuid": "d4dbb256-856a-47ab-9ce7-e4b20f578464", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "published-proof-of-concept", "source": "https://t.me/brutsecurity/596", "content": "\ud83d\udd25Unauthenticated Magento XXE to Privilege Escalation\ud83d\udd25     \n     \n\u26a0\ufe0fCosmicSting enables attackers to gain unauthorized access to sensitive files, including those containing passwords.      \nWhen combined with a recent Linux bug (CVE-2024-2961),the vulnerability can be escalated to remote code execution. \n  \n\u25b6\ufe0fVideo POC: https://youtu.be/j9KiNmGbT9Q \n \n\ud83d\udd34POC: https://github.com/th3gokul/CVE-2024-34102  \n\ud83d\udca5Payload: https://gist.github.com/wtf-yodhha/b4b12a09a4c2d3af0e04b74968daed5d", "creation_timestamp": "2026-07-12T00:00:41.862997Z"}</description>
      <content:encoded>{"uuid": "d4dbb256-856a-47ab-9ce7-e4b20f578464", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "published-proof-of-concept", "source": "https://t.me/brutsecurity/596", "content": "\ud83d\udd25Unauthenticated Magento XXE to Privilege Escalation\ud83d\udd25     \n     \n\u26a0\ufe0fCosmicSting enables attackers to gain unauthorized access to sensitive files, including those containing passwords.      \nWhen combined with a recent Linux bug (CVE-2024-2961),the vulnerability can be escalated to remote code execution. \n  \n\u25b6\ufe0fVideo POC: https://youtu.be/j9KiNmGbT9Q \n \n\ud83d\udd34POC: https://github.com/th3gokul/CVE-2024-34102  \n\ud83d\udca5Payload: https://gist.github.com/wtf-yodhha/b4b12a09a4c2d3af0e04b74968daed5d", "creation_timestamp": "2026-07-12T00:00:41.862997Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d4dbb256-856a-47ab-9ce7-e4b20f578464/export</guid>
      <pubDate>Sun, 12 Jul 2026 00:00:41 +0000</pubDate>
    </item>
    <item>
      <title>55a62d36-bb79-4791-8358-767676d25a74</title>
      <link>https://vulnerability.circl.lu/sighting/55a62d36-bb79-4791-8358-767676d25a74/export</link>
      <description>{"uuid": "55a62d36-bb79-4791-8358-767676d25a74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "published-proof-of-concept", "source": "https://t.me/brutsecurity/596", "content": "\ud83d\udd25Unauthenticated Magento XXE to Privilege Escalation\ud83d\udd25     \n     \n\u26a0\ufe0fCosmicSting enables attackers to gain unauthorized access to sensitive files, including those containing passwords.      \nWhen combined with a recent Linux bug (CVE-2024-2961),the vulnerability can be escalated to remote code execution. \n  \n\u25b6\ufe0fVideo POC: https://youtu.be/j9KiNmGbT9Q \n \n\ud83d\udd34POC: https://github.com/th3gokul/CVE-2024-34102  \n\ud83d\udca5Payload: https://gist.github.com/wtf-yodhha/b4b12a09a4c2d3af0e04b74968daed5d", "creation_timestamp": "2026-07-11T18:00:04.584093Z"}</description>
      <content:encoded>{"uuid": "55a62d36-bb79-4791-8358-767676d25a74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "published-proof-of-concept", "source": "https://t.me/brutsecurity/596", "content": "\ud83d\udd25Unauthenticated Magento XXE to Privilege Escalation\ud83d\udd25     \n     \n\u26a0\ufe0fCosmicSting enables attackers to gain unauthorized access to sensitive files, including those containing passwords.      \nWhen combined with a recent Linux bug (CVE-2024-2961),the vulnerability can be escalated to remote code execution. \n  \n\u25b6\ufe0fVideo POC: https://youtu.be/j9KiNmGbT9Q \n \n\ud83d\udd34POC: https://github.com/th3gokul/CVE-2024-34102  \n\ud83d\udca5Payload: https://gist.github.com/wtf-yodhha/b4b12a09a4c2d3af0e04b74968daed5d", "creation_timestamp": "2026-07-11T18:00:04.584093Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/55a62d36-bb79-4791-8358-767676d25a74/export</guid>
      <pubDate>Sat, 11 Jul 2026 18:00:04 +0000</pubDate>
    </item>
    <item>
      <title>1a8639aa-249e-44e8-b864-8d30b9be2995</title>
      <link>https://vulnerability.circl.lu/sighting/1a8639aa-249e-44e8-b864-8d30b9be2995/export</link>
      <description>{"uuid": "1a8639aa-249e-44e8-b864-8d30b9be2995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "seen", "source": "https://t.me/brutsecurity/596", "content": "\ud83d\udd25Unauthenticated Magento XXE to Privilege Escalation\ud83d\udd25     \n     \n\u26a0\ufe0fCosmicSting enables attackers to gain unauthorized access to sensitive files, including those containing passwords.      \nWhen combined with a recent Linux bug (CVE-2024-2961),the vulnerability can be escalated to remote code execution. \n  \n\u25b6\ufe0fVideo POC: https://youtu.be/j9KiNmGbT9Q \n \n\ud83d\udd34POC: https://github.com/th3gokul/CVE-2024-34102  \n\ud83d\udca5Payload: https://gist.github.com/wtf-yodhha/b4b12a09a4c2d3af0e04b74968daed5d", "creation_timestamp": "2026-07-10T00:00:37.245418Z"}</description>
      <content:encoded>{"uuid": "1a8639aa-249e-44e8-b864-8d30b9be2995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "seen", "source": "https://t.me/brutsecurity/596", "content": "\ud83d\udd25Unauthenticated Magento XXE to Privilege Escalation\ud83d\udd25     \n     \n\u26a0\ufe0fCosmicSting enables attackers to gain unauthorized access to sensitive files, including those containing passwords.      \nWhen combined with a recent Linux bug (CVE-2024-2961),the vulnerability can be escalated to remote code execution. \n  \n\u25b6\ufe0fVideo POC: https://youtu.be/j9KiNmGbT9Q \n \n\ud83d\udd34POC: https://github.com/th3gokul/CVE-2024-34102  \n\ud83d\udca5Payload: https://gist.github.com/wtf-yodhha/b4b12a09a4c2d3af0e04b74968daed5d", "creation_timestamp": "2026-07-10T00:00:37.245418Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1a8639aa-249e-44e8-b864-8d30b9be2995/export</guid>
      <pubDate>Fri, 10 Jul 2026 00:00:37 +0000</pubDate>
    </item>
    <item>
      <title>6f6feaf9-e6aa-407b-9617-367b50c256c8</title>
      <link>https://vulnerability.circl.lu/sighting/6f6feaf9-e6aa-407b-9617-367b50c256c8/export</link>
      <description>{"uuid": "6f6feaf9-e6aa-407b-9617-367b50c256c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "seen", "source": "https://t.me/brutsecurity/596", "content": "\ud83d\udd25Unauthenticated Magento XXE to Privilege Escalation\ud83d\udd25     \n     \n\u26a0\ufe0fCosmicSting enables attackers to gain unauthorized access to sensitive files, including those containing passwords.      \nWhen combined with a recent Linux bug (CVE-2024-2961),the vulnerability can be escalated to remote code execution. \n  \n\u25b6\ufe0fVideo POC: https://youtu.be/j9KiNmGbT9Q \n \n\ud83d\udd34POC: https://github.com/th3gokul/CVE-2024-34102  \n\ud83d\udca5Payload: https://gist.github.com/wtf-yodhha/b4b12a09a4c2d3af0e04b74968daed5d", "creation_timestamp": "2026-07-09T03:00:13.377673Z"}</description>
      <content:encoded>{"uuid": "6f6feaf9-e6aa-407b-9617-367b50c256c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "seen", "source": "https://t.me/brutsecurity/596", "content": "\ud83d\udd25Unauthenticated Magento XXE to Privilege Escalation\ud83d\udd25     \n     \n\u26a0\ufe0fCosmicSting enables attackers to gain unauthorized access to sensitive files, including those containing passwords.      \nWhen combined with a recent Linux bug (CVE-2024-2961),the vulnerability can be escalated to remote code execution. \n  \n\u25b6\ufe0fVideo POC: https://youtu.be/j9KiNmGbT9Q \n \n\ud83d\udd34POC: https://github.com/th3gokul/CVE-2024-34102  \n\ud83d\udca5Payload: https://gist.github.com/wtf-yodhha/b4b12a09a4c2d3af0e04b74968daed5d", "creation_timestamp": "2026-07-09T03:00:13.377673Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6f6feaf9-e6aa-407b-9617-367b50c256c8/export</guid>
      <pubDate>Thu, 09 Jul 2026 03:00:13 +0000</pubDate>
    </item>
    <item>
      <title>fccc6b54-b047-4fef-98f3-a6328b0912b6</title>
      <link>https://vulnerability.circl.lu/sighting/fccc6b54-b047-4fef-98f3-a6328b0912b6/export</link>
      <description>{"uuid": "fccc6b54-b047-4fef-98f3-a6328b0912b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "seen", "source": "Telegram/IiZ67zcGoo6QZpKiZ8plCh_8QtxQmsZpB3uf27cpFh2eFp4", "content": "", "creation_timestamp": "2026-05-29T09:00:04.000000Z"}</description>
      <content:encoded>{"uuid": "fccc6b54-b047-4fef-98f3-a6328b0912b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "seen", "source": "Telegram/IiZ67zcGoo6QZpKiZ8plCh_8QtxQmsZpB3uf27cpFh2eFp4", "content": "", "creation_timestamp": "2026-05-29T09:00:04.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/fccc6b54-b047-4fef-98f3-a6328b0912b6/export</guid>
      <pubDate>Fri, 29 May 2026 09:00:04 +0000</pubDate>
    </item>
    <item>
      <title>5a44c138-02d6-4db9-b5f4-dfc8ce7156fe</title>
      <link>https://vulnerability.circl.lu/sighting/5a44c138-02d6-4db9-b5f4-dfc8ce7156fe/export</link>
      <description>{"uuid": "5a44c138-02d6-4db9-b5f4-dfc8ce7156fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "seen", "source": "Telegram/4V1L8rm_ci8R4NTF3AvtHqkyJLl9nOzw6nvw-H3zHaDaYho", "content": "", "creation_timestamp": "2026-05-13T03:00:06.000000Z"}</description>
      <content:encoded>{"uuid": "5a44c138-02d6-4db9-b5f4-dfc8ce7156fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "seen", "source": "Telegram/4V1L8rm_ci8R4NTF3AvtHqkyJLl9nOzw6nvw-H3zHaDaYho", "content": "", "creation_timestamp": "2026-05-13T03:00:06.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5a44c138-02d6-4db9-b5f4-dfc8ce7156fe/export</guid>
      <pubDate>Wed, 13 May 2026 03:00:06 +0000</pubDate>
    </item>
    <item>
      <title>c6825363-d4d2-4116-a2f3-2f1c574e2d38</title>
      <link>https://vulnerability.circl.lu/sighting/c6825363-d4d2-4116-a2f3-2f1c574e2d38/export</link>
      <description>{"uuid": "c6825363-d4d2-4116-a2f3-2f1c574e2d38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}</description>
      <content:encoded>{"uuid": "c6825363-d4d2-4116-a2f3-2f1c574e2d38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c6825363-d4d2-4116-a2f3-2f1c574e2d38/export</guid>
      <pubDate>Thu, 23 Oct 2025 21:13:02 +0000</pubDate>
    </item>
    <item>
      <title>7f522050-9d62-4603-9715-ecd74db54a72</title>
      <link>https://vulnerability.circl.lu/sighting/7f522050-9d62-4603-9715-ecd74db54a72/export</link>
      <description>{"uuid": "7f522050-9d62-4603-9715-ecd74db54a72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-08T21:59:31.000000Z"}</description>
      <content:encoded>{"uuid": "7f522050-9d62-4603-9715-ecd74db54a72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-08T21:59:31.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7f522050-9d62-4603-9715-ecd74db54a72/export</guid>
      <pubDate>Wed, 08 Oct 2025 21:59:31 +0000</pubDate>
    </item>
    <item>
      <title>0cabce34-b859-4d75-a491-4cced6d4a0f9</title>
      <link>https://vulnerability.circl.lu/sighting/0cabce34-b859-4d75-a491-4cced6d4a0f9/export</link>
      <description>{"uuid": "0cabce34-b859-4d75-a491-4cced6d4a0f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-01T18:11:57.000000Z"}</description>
      <content:encoded>{"uuid": "0cabce34-b859-4d75-a491-4cced6d4a0f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-01T18:11:57.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0cabce34-b859-4d75-a491-4cced6d4a0f9/export</guid>
      <pubDate>Wed, 01 Oct 2025 18:11:57 +0000</pubDate>
    </item>
    <item>
      <title>d9f412d7-652f-4645-8247-c88dc0fc8256</title>
      <link>https://vulnerability.circl.lu/sighting/d9f412d7-652f-4645-8247-c88dc0fc8256/export</link>
      <description>{"uuid": "d9f412d7-652f-4645-8247-c88dc0fc8256", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "published-proof-of-concept", "source": "Telegram/6lKByArH9FS3kGV0eBc5AxMt53ZNy3FxF1pgZuVY2NXgTHI", "content": "", "creation_timestamp": "2025-08-21T15:00:06.000000Z"}</description>
      <content:encoded>{"uuid": "d9f412d7-652f-4645-8247-c88dc0fc8256", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2961", "type": "published-proof-of-concept", "source": "Telegram/6lKByArH9FS3kGV0eBc5AxMt53ZNy3FxF1pgZuVY2NXgTHI", "content": "", "creation_timestamp": "2025-08-21T15:00:06.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d9f412d7-652f-4645-8247-c88dc0fc8256/export</guid>
      <pubDate>Thu, 21 Aug 2025 15:00:06 +0000</pubDate>
    </item>
  </channel>
</rss>
