<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Tue, 14 Jul 2026 05:48:24 +0000</lastBuildDate>
    <item>
      <title>3187691d-181f-46fd-b268-44d16c1afd13</title>
      <link>https://vulnerability.circl.lu/sighting/3187691d-181f-46fd-b268-44d16c1afd13/export</link>
      <description>{"uuid": "3187691d-181f-46fd-b268-44d16c1afd13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29776", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7692", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29776\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L)\n\ud83d\udd39 Description: Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling `setTimer` in Azle versions `0.27.0`, `0.28.0`, and `0.29.0` causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop will occur with any valid invocation of `setTimer`. The problem has been fixed as of Azle version `0.30.0`. As a workaround, if a canister is caught in this infinite loop after calling `setTimer`, the canister can be upgraded and the timers will all be cleared, thus ending the loop.\n\ud83d\udccf Published: 2025-03-14T13:13:27.137Z\n\ud83d\udccf Modified: 2025-03-15T20:49:42.369Z\n\ud83d\udd17 References:\n1. https://github.com/demergent-labs/azle/security/advisories/GHSA-xc76-5pf9-mx8m\n2. https://github.com/demergent-labs/azle/releases/tag/0.30.0", "creation_timestamp": "2025-03-15T21:45:46.000000Z"}</description>
      <content:encoded>{"uuid": "3187691d-181f-46fd-b268-44d16c1afd13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29776", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7692", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29776\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L)\n\ud83d\udd39 Description: Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling `setTimer` in Azle versions `0.27.0`, `0.28.0`, and `0.29.0` causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop will occur with any valid invocation of `setTimer`. The problem has been fixed as of Azle version `0.30.0`. As a workaround, if a canister is caught in this infinite loop after calling `setTimer`, the canister can be upgraded and the timers will all be cleared, thus ending the loop.\n\ud83d\udccf Published: 2025-03-14T13:13:27.137Z\n\ud83d\udccf Modified: 2025-03-15T20:49:42.369Z\n\ud83d\udd17 References:\n1. https://github.com/demergent-labs/azle/security/advisories/GHSA-xc76-5pf9-mx8m\n2. https://github.com/demergent-labs/azle/releases/tag/0.30.0", "creation_timestamp": "2025-03-15T21:45:46.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3187691d-181f-46fd-b268-44d16c1afd13/export</guid>
      <pubDate>Sat, 15 Mar 2025 21:45:46 +0000</pubDate>
    </item>
    <item>
      <title>a18b986a-5168-4605-b51f-ed49424cddad</title>
      <link>https://vulnerability.circl.lu/sighting/a18b986a-5168-4605-b51f-ed49424cddad/export</link>
      <description>{"uuid": "a18b986a-5168-4605-b51f-ed49424cddad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29776", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lke2qhgz2f2m", "content": "", "creation_timestamp": "2025-03-14T16:46:17.051775Z"}</description>
      <content:encoded>{"uuid": "a18b986a-5168-4605-b51f-ed49424cddad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29776", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lke2qhgz2f2m", "content": "", "creation_timestamp": "2025-03-14T16:46:17.051775Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a18b986a-5168-4605-b51f-ed49424cddad/export</guid>
      <pubDate>Fri, 14 Mar 2025 16:46:17 +0000</pubDate>
    </item>
    <item>
      <title>226e9edf-387b-46b6-9aff-0b784f5a21fb</title>
      <link>https://vulnerability.circl.lu/sighting/226e9edf-387b-46b6-9aff-0b784f5a21fb/export</link>
      <description>{"uuid": "226e9edf-387b-46b6-9aff-0b784f5a21fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29776", "type": "seen", "source": "https://t.me/cvedetector/20301", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29776 - Azle WebAssembly Runtime Timer Infinite Loop Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29776 \nPublished : March 14, 2025, 2:15 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling `setTimer` in Azle versions `0.27.0`, `0.28.0`, and `0.29.0` causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop will occur with any valid invocation of `setTimer`. The problem has been fixed as of Azle version `0.30.0`. As a workaround, if a canister is caught in this infinite loop after calling `setTimer`, the canister can be upgraded and the timers will all be cleared, thus ending the loop. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T16:42:35.000000Z"}</description>
      <content:encoded>{"uuid": "226e9edf-387b-46b6-9aff-0b784f5a21fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29776", "type": "seen", "source": "https://t.me/cvedetector/20301", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29776 - Azle WebAssembly Runtime Timer Infinite Loop Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29776 \nPublished : March 14, 2025, 2:15 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling `setTimer` in Azle versions `0.27.0`, `0.28.0`, and `0.29.0` causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop will occur with any valid invocation of `setTimer`. The problem has been fixed as of Azle version `0.30.0`. As a workaround, if a canister is caught in this infinite loop after calling `setTimer`, the canister can be upgraded and the timers will all be cleared, thus ending the loop. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T16:42:35.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/226e9edf-387b-46b6-9aff-0b784f5a21fb/export</guid>
      <pubDate>Fri, 14 Mar 2025 16:42:35 +0000</pubDate>
    </item>
    <item>
      <title>0c5abd91-e959-44c0-a4d9-31b8a309caf7</title>
      <link>https://vulnerability.circl.lu/sighting/0c5abd91-e959-44c0-a4d9-31b8a309caf7/export</link>
      <description>{"uuid": "0c5abd91-e959-44c0-a4d9-31b8a309caf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29776", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3lkdrzgfcqb2i", "content": "", "creation_timestamp": "2025-03-14T14:10:07.186785Z"}</description>
      <content:encoded>{"uuid": "0c5abd91-e959-44c0-a4d9-31b8a309caf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29776", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3lkdrzgfcqb2i", "content": "", "creation_timestamp": "2025-03-14T14:10:07.186785Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0c5abd91-e959-44c0-a4d9-31b8a309caf7/export</guid>
      <pubDate>Fri, 14 Mar 2025 14:10:07 +0000</pubDate>
    </item>
  </channel>
</rss>
