A new bundle, Vulnerabilities in multiple telnet implementation, has been published on Vulnerability-Lookup:
http://vulnerability.circl.lu/bundle/1e1a5c92-386f-4bce-a79d-a0850f3526dd
#VulnerabilityLookup
A new bundle, The GNU C Library version 2.43 is now available, has been published on Vulnerability-Lookup:
http://vulnerability.circl.lu/bundle/78ee0d13-7969-4870-8b23-a096918b6dc4
Vulnerabilities in various SAP products:
https://vulnerability.circl.lu/bundle/79cf05e4-8e7e-4859-b145-d69bffb52412
#SAP #Vulnerability #Vulnerabilitymanagement #CVE #VulnerabilityLookup
📢 We’ve made some improvements to FediVuln (https://github.com/vulnerability-lookup/FediVuln) – our tool for monitoring the Fediverse (sightings) and posting updates from our main Vulnerability-Lookup instance (https://vulnerability.circl.lu).
Easily stay up-to-date with:
- New vulnerabilities
- Comments on existing vulnerabilities
- New vulnerability bundles
🔔 You can follow updates via the bot: @vulnerability_lookup
#CyberSecurity #OpenSource #Fediverse #Vulnerability #Mastodon #VulnerabilityLookup
Maybe some of you are not aware about the @enisa_eu Known Exploited Vulnerabilities Catalog. In any case, it is now available via Vulnerability-Lookup:
https://vulnerability.circl.lu
and with the API:
https://vulnerability.circl.lu/api
Released 2.16.1 of Vulnerability-Lookup — addressing GCVE-1-2025-0004 / CVE-2025-60249 :
Improper Neutralization of Input During Web Page Generation (XSS - Cross-Site Scripting)
https://github.com/vulnerability-lookup/vulnerability-lookup/releases/tag/v2.16.1
We have released a new version of Vulnerability-Lookup! 🎉
This release is packed with many improvements and some nice new features.
For full details, head over to:
👉 https://www.vulnerability-lookup.org/2025/09/19/vulnerability-lookup-2-16-0/
#vulnerability #VulnerabilityLookup #cve #gcve #cybersecurity #opensource
Better late than never — we’ve just published the July Vulnerability Report.
👉 https://www.vulnerability-lookup.org/2025/08/23/vulnerability-report-july-2025/
📌 Key highlights:
The most reported vulnerability this month is CVE-2025-53770, a critical flaw in #Microsoft SharePoint Enterprise Server 2016, with more than 400 sightings.
Other high-impact issues include CVE-2025-5777 (#NetScaler ADC) and CVE-2025-25257 (#Fortinet #FortiWeb.
EU startet eigene #Vulnerability Database um sich von eigenständiger aufzustellen. Ein guter Schritt in die richtige Richtung, um sich unabhängig von manipulierten Datenbanken anderer Länder wie USA und China zu machen. Denn dort findet man u.U. nicht alles. So werden möglicherweise Schwachstellen - die Geheimdienste nutzen könnten - nicht veröffentlicht.
#enisa #cve #vulnerabilitymanagement #vulnerabilitylookup #eu #sicherheit #sicherheitslucke #cybersecurity
There's some cool sounding training on its way from @circl
CIRCL - Virtual Summer School (VSS) 2025
https://www.circl.lu/pub/vss-2025/
#MISP #AIL #LookyLoo #Lacus #Pandora #Kunai #DFIR #ThreatHunting #FlowIntel #Cerebrate #VulnerabilityLookup #GCVE
You can now follow the Vulnerability-Lookup discourse topic on Mastodon:
🚨 Vulnerability Report - May 2025 🚨
https://discourse.ossbase.org/t/vulnerability-report-may-2025/101?u=cedric
#vulnerability #VulnerabilityLookup #cybersecurity #cve #gcve #report
GCVE-1-2025-0001published on the CIRCL Vulnerability-Lookup instance (GNA-1)
The Global CVE (GCVE) allocation system is decentralized approach to vulnerability identification and numbering. The GCVE registry is a key component.
For this reason the registry is digitally signed using an RSA public key with SHA-512.
Thanks to the GCVE Python client, updating your local copy of the registry and verifying its integrity is just one command away:
$ gcve registry --pull
Learn more: https://gcve.eu
#Vulnerability #CVD #CVE #GCVE #OpenSource #VulnerabilityLookup
RSS feed for CISA KEV vulnerabilities, powered by Vulnerability-Lookup:
#rss #cisa #cybersecurity #feed #OpenSource #OpenData #cve #VulnerabilityLookup
🚨 April 2025 Vulnerability Report is out! 🚨
👉 https://www.vulnerability-lookup.org/2025/05/01/vulnerability-report-april-2025/
The most prominent vulnerabilities affect the following products:
- #Ivanti / #ConnectSecure
- #Erlang / OTP
- #SAP / SAP NetWeaver
The Continuous Exploitation section highlights several resurgent vulnerabilities (recently exploited at a high rate).
💻 NISDUC Conference
#VulnerabilityLookup will be presented during the fourth #NISDUC conference.
New blog post on the Vulnerability-Lookup blog:
LLMs + Vulnerability-Lookup: What We’re Testing and Where We’re Headed
https://www.vulnerability-lookup.org/2025/02/26/exploring-llm-in-vulnerability-lookup/
#NLP #LLM #Vulnerability #vulnerabilitylookup #opensource #cybersecurity
Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on #Fortinet #FortiGate Firewalls - Arctic Wolf
https://vulnerability.circl.lu/bundle/9a35bcae-d831-491f-945c-1fbd54769c38
CVE-2024-55591
CVE-2022-26118
February Security Advisory Ivanti is in #vulnerabilitylookup
https://vulnerability.circl.lu/bundle/85f9fd3a-b2ef-443b-b091-2cad7418236f
CVE-2024-38657
CVE-2025-22467
CVE-2024-10644
CVE-2024-12058
CVE-2024-13830
CVE-2024-13842
CVE-2024-13843
CVE-2024-13813
You can subscribe to #Ivanti products via email if you want to get updates:
New post from the #VulnerabilityLookup project about #Shadowserver and Sightings:
https://www.vulnerability-lookup.org/2025/01/22/shadowserver-sightings-in-vulnerability-lookup/
You can subscribe to the blog:
https://www.vulnerability-lookup.org/news/index.xml !
#opensource #cybersecurity #vulnerability #VulnerabilityLookup #TheShadowserverFoundation
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst