{"vulnerability": "cve-2009-1537", "sightings": [{"uuid": "8d05caa9-c9cf-4af4-9823-61e3c2aede48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-1537", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mmhsaa4nxj2i", "content": "The oldest five still being exploited: CVE-2008-4250 (Windows), CVE-2009-1537 (DirectX), CVE-2009-3459 (Adobe Reader), CVE-2010-0249 and CVE-2010-0806 (Internet Explorer). All five were added on May 20.", "creation_timestamp": "2026-05-22T20:41:08.644797Z"}, {"uuid": "4a4cdfc6-86c6-4f11-8e9e-26389f498d72", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2009-1537", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/675f3e40-1b20-4f43-8a01-57264171ed3f", "content": "", "creation_timestamp": "2026-05-20T18:00:02.550991Z"}, {"uuid": "08051565-4484-4d14-89fd-516a7457dd8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-1537", "type": "seen", "source": "https://infosec.exchange/users/secdb/statuses/116608677530202595", "content": "\ud83d\udea8 [CISA-2026:0520] CISA Adds 7 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0520)\nCISA has added 7 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.\n\u26a0\ufe0f CVE-2008-4250 (https://secdb.nttzen.cloud/cve/detail/CVE-2008-4250)- Name: Microsoft Windows Buffer Overflow Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Windows- Notes: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-067 ; https://nvd.nist.gov/vuln/detail/CVE-2008-4250\n\u26a0\ufe0f CVE-2009-1537 (https://secdb.nttzen.cloud/cve/detail/CVE-2009-1537)- Name: Microsoft DirectX NULL Byte Overwrite Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: DirectX- Notes: https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028 ; https://nvd.nist.gov/vuln/detail/CVE-2009-1537\n\u26a0\ufe0f CVE-2009-3459 (https://secdb.nttzen.cloud/cve/detail/CVE-2009-3459)- Name: Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Adobe- Product: Acrobat and Reader- Notes: https://www.cisa.gov/news-events/alerts/2009/10/13/adobe-reader-and-acrobat-vulnerabilities ; https://web.archive.org/web/20120324170253/http://www.adobe.com/support/security/bulletins/apsb09-15.html#:~:text=CVE%2D2009%2D3459).-,NOTE%3A,-There%20are%20reports ; https://nvd.nist.gov/vuln/detail/CVE-2009-3459\n\u26a0\ufe0f CVE-2010-0249 (https://secdb.nttzen.cloud/cve/detail/CVE-2010-0249)- Name: Microsoft Internet Explorer Use-After-Free Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Internet Explorer- Notes: https://learn.microsoft.com/en-us/security-updates/SecurityAdvisories/2010/979352 ; https://nvd.nist.gov/vuln/detail/CVE-2010-0249\n\u26a0\ufe0f CVE-2010-0806 (https://secdb.nttzen.cloud/cve/detail/CVE-2010-0806)- Name: Microsoft Internet Explorer Use-After-Free Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Internet Explorer- Notes: https://learn.microsoft.com/en-us/security-updates/securityadvisories/2010/981374 ; https://nvd.nist.gov/vuln/detail/CVE-2010-0806\n\u26a0\ufe0f CVE-2026-41091 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41091)- Name: Microsoft Defender Link Following Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Defender- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-41091 ; https://nvd.nist.gov/vuln/detail/CVE-2026-41091\n\u26a0\ufe0f CVE-2026-45498 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-45498)- Name: Microsoft Defender Denial of Service Vulnerability- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.- Known To Be Used in Ransomware Campaigns? Unknown- Vendor: Microsoft- Product: Defender- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-45498 ; https://nvd.nist.gov/vuln/detail/CVE-2026-45498\n#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260520 #cisa20260520 #cve_2008_4250 #cve_2009_1537 #cve_2009_3459 #cve_2010_0249 #cve_2010_0806 #cve_2026_41091 #cve_2026_45498 #cve20084250 #cve20091537 #cve20093459 #cve20100249 #cve20100806 #cve202641091 #cve202645498", "creation_timestamp": "2026-05-20T21:13:36.516973Z"}, {"uuid": "a3137d92-7fd5-4954-af55-61e655eb40db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-1537", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mn7mmcjrmx2v", "content": "Oldest CVEs in this batch: CVE-2008-4250 (Microsoft), CVE-2009-1537 (Microsoft), CVE-2009-3459 (Adobe), CVE-2010-0249 (Microsoft), CVE-2010-0806 (Microsoft).", "creation_timestamp": "2026-06-01T08:04:25.272352Z"}, {"uuid": "3bd36a34-25b7-4421-ab5c-947fdbab3529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-1537", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mmnzdevzpf2r", "content": "Oldest CVEs in this batch: CVE-2008-4250 (Microsoft), CVE-2009-1537 (Microsoft), CVE-2009-3459 (Adobe), CVE-2010-0249 (Microsoft), CVE-2010-0806 (Microsoft).", "creation_timestamp": "2026-05-25T08:04:09.638100Z"}, {"uuid": "d447b9c9-0da6-42c8-8203-a3bbd31bd89f", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-1537", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/510de656-86ae-497e-811b-c52d7f87de41", "content": "", "creation_timestamp": "2026-06-19T16:45:40.457348Z"}, {"uuid": "e35d609c-84e9-4505-8a4b-4d43d640715c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-1537", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3mnr7vvc4p52j", "content": "Oldest CVEs in this batch: CVE-2008-4250 (Microsoft), CVE-2009-1537 (Microsoft), CVE-2009-3459 (Adobe), CVE-2010-0249 (Microsoft), CVE-2010-0806 (Microsoft).", "creation_timestamp": "2026-06-08T08:05:03.476884Z"}, {"uuid": "53e7b1c2-9a75-4254-a9ea-a97b34bf3d3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-1537", "type": "seen", "source": "https://bsky.app/profile/shortinfo.bsky.social/post/3moct7ju2se2q", "content": "Oldest CVEs in this batch: CVE-2008-4250 (Microsoft), CVE-2009-1537 (Microsoft), CVE-2009-3459 (Adobe), CVE-2010-0249 (Microsoft), CVE-2010-0806 (Microsoft).", "creation_timestamp": "2026-06-15T08:05:43.509395Z"}, {"uuid": "ba8b8c08-7400-4cf0-ba71-eb6c8b914c13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2009-1537", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mopwyr46bk2s", "content": "\u7c73\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09\u306f\u3001\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u3068\u30a2\u30c9\u30d3\u306e\u8106\u5f31\u6027\u3092\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u30ea\u30b9\u30c8\u306b\u8ffd\u52a0\u3057\u305f\u3002\n\n\u7c73\u56fd\u306e\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5e81\uff08CISA\uff09 \u306f\u3001Windows Shell\u3068ConnectWise ScreenConnect\u306e\u8106\u5f31\u6027\u3092\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\uff08KEV\uff09\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0\u3057\u305f\u3002\n\n\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0\u3055\u308c\u305f\u4e0d\u5177\u5408\u306f\u4ee5\u4e0b\u306e\u3068\u304a\u308a\u3067\u3059\u3002\n\nCVE-2008-4250  Microsoft Windows \u30d0\u30c3\u30d5\u30a1\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\u306e\u8106\u5f31\u6027\nCVE-2009-1537  Microsoft DirectX\u306eNUL...", "creation_timestamp": "2026-06-20T13:18:10.447549Z"}]}