<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent entries from cvelistv5</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent entries.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 09 Jul 2026 03:03:48 +0000</lastBuildDate>
    <item>
      <title>cve-2026-9508</title>
      <link>https://vulnerability.circl.lu/vuln/cve-2026-9508</link>
      <description>Incorrect Permission Assignment for Critical Resource vulnerability in Suprema's BioStar</description>
      <content:encoded>Incorrect Permission Assignment for Critical Resource vulnerability in Suprema's BioStar</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/vuln/cve-2026-9508</guid>
      <pubDate>Fri, 29 May 2026 12:09:02 +0000</pubDate>
    </item>
    <item>
      <title>cve-2026-9152</title>
      <link>https://vulnerability.circl.lu/vuln/cve-2026-9152</link>
      <description>Unauthenticated SOAP Endpoint in Altium 365 SearchService Allows Cross-Tenant Data Exfiltration and Index Destruction</description>
      <content:encoded>Unauthenticated SOAP Endpoint in Altium 365 SearchService Allows Cross-Tenant Data Exfiltration and Index Destruction</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/vuln/cve-2026-9152</guid>
      <pubDate>Thu, 21 May 2026 00:47:24 +0000</pubDate>
    </item>
    <item>
      <title>cve-2026-8326</title>
      <link>https://vulnerability.circl.lu/vuln/cve-2026-8326</link>
      <description>Remote Spark SparkView Path Traversal in RDP Drive Redirection leading to RCE</description>
      <content:encoded>Remote Spark SparkView Path Traversal in RDP Drive Redirection leading to RCE</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/vuln/cve-2026-8326</guid>
      <pubDate>Fri, 29 May 2026 11:47:02 +0000</pubDate>
    </item>
    <item>
      <title>cve-2026-8054</title>
      <link>https://vulnerability.circl.lu/vuln/cve-2026-8054</link>
      <description>Unauthenticated SQL Injection in dotCMS Publish Audit API</description>
      <content:encoded>Unauthenticated SQL Injection in dotCMS Publish Audit API</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/vuln/cve-2026-8054</guid>
      <pubDate>Wed, 27 May 2026 07:55:25 +0000</pubDate>
    </item>
    <item>
      <title>cve-2026-7411</title>
      <link>https://vulnerability.circl.lu/vuln/cve-2026-7411</link>
      <description></description>
      <guid isPermaLink="false">https://vulnerability.circl.lu/vuln/cve-2026-7411</guid>
      <pubDate>Tue, 05 May 2026 14:07:53 +0000</pubDate>
    </item>
    <item>
      <title>cve-2026-7312</title>
      <link>https://vulnerability.circl.lu/vuln/cve-2026-7312</link>
      <description>CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity</description>
      <content:encoded>CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/vuln/cve-2026-7312</guid>
      <pubDate>Tue, 02 Jun 2026 13:09:06 +0000</pubDate>
    </item>
    <item>
      <title>cve-2026-6213</title>
      <link>https://vulnerability.circl.lu/vuln/cve-2026-6213</link>
      <description>Remote Spark SparkView RCE</description>
      <content:encoded>Remote Spark SparkView RCE</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/vuln/cve-2026-6213</guid>
      <pubDate>Fri, 08 May 2026 09:04:24 +0000</pubDate>
    </item>
    <item>
      <title>cve-2026-57700</title>
      <link>https://vulnerability.circl.lu/vuln/cve-2026-57700</link>
      <description>WordPress OMGF Pro plugin &lt;= 5.2.6 - Arbitrary File Upload vulnerability</description>
      <content:encoded>WordPress OMGF Pro plugin &lt;= 5.2.6 - Arbitrary File Upload vulnerability</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/vuln/cve-2026-57700</guid>
      <pubDate>Thu, 25 Jun 2026 17:29:31 +0000</pubDate>
    </item>
    <item>
      <title>cve-2026-57624</title>
      <link>https://vulnerability.circl.lu/vuln/cve-2026-57624</link>
      <description>WordPress Blocksy Companion Pro plugin &lt;= 2.1.46 - Remote Code Execution (RCE) vulnerability</description>
      <content:encoded>WordPress Blocksy Companion Pro plugin &lt;= 2.1.46 - Remote Code Execution (RCE) vulnerability</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/vuln/cve-2026-57624</guid>
      <pubDate>Thu, 02 Jul 2026 11:15:26 +0000</pubDate>
    </item>
    <item>
      <title>cve-2026-57572</title>
      <link>https://vulnerability.circl.lu/vuln/cve-2026-57572</link>
      <description>Crawl4AI: Unauthenticated RCE via Chromium launch-argument injection in browser_config.extra_args</description>
      <content:encoded>Crawl4AI: Unauthenticated RCE via Chromium launch-argument injection in browser_config.extra_args</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/vuln/cve-2026-57572</guid>
      <pubDate>Mon, 06 Jul 2026 20:16:21 +0000</pubDate>
    </item>
  </channel>
</rss>
