{"uuid": "2f554fd7-643c-4bc7-81c9-6eed35d0223b", "vulnerability": {"vulnId": "CVE-2016-3298", "altId": []}, "gcve": {"origin_uuid": "405284c2-e461-4670-8979-7fd2c9755a60", "object_uuid": "2f554fd7-643c-4bc7-81c9-6eed35d0223b"}, "status": {"exploited": true, "status_reason": "confirmed", "status_updated_at": "2022-05-24T00:00:00+00:00"}, "characteristics": {}, "timestamps": {"asserted_at": "2022-05-24T00:00:00Z", "recorded_at": "2026-02-02T13:24:01Z", "first_seen_at": "2022-05-24T00:00:00Z"}, "scope": {"notes": "KEV entry: Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability | Affected: Microsoft / Internet Explorer | Description: An information disclosure vulnerability exists when the Microsoft Internet Messaging API improperly handles objects in memory. An attacker who successfully exploited this vulnerability could allow the attacker to test for the presence of files on disk. | Required action: Apply updates per vendor instructions. | Due date: 2022-06-14 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2016-3298"}, "evidence": [{"type": "vendor_report", "source": "cisa-kev", "signal": "successful_exploitation", "confidence": 0.8, "details": {"cwes": ["CWE-200"], "feed": "CISA Known Exploited Vulnerabilities Catalog", "product": "Internet Explorer", "due_date": "2022-06-14", "date_added": "2022-05-24", "vendorProject": "Microsoft", "vulnerabilityName": "Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability", "knownRansomwareCampaignUse": "Unknown"}}], "references": [{"id": "CVE-2016-3298", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2016-3298"}]}